signed software vulnerabilities
vulnerabilities.aspcode.net
Searching signed software vulnerabilities
The OpenPGP PGP standard allows an attacker to
cryptanalytic
|
determine
|
signature
|
encrypted
|
attacker
|
standard
|
captures
|
message
|
OpenPGP
|
private
|
alters
|
signed
|
single
|
allows
|
attack
|
which
|
file
|
PGP
|
key
|
via
|
The OpenPGP PGP standard allows an attacker to determine the private signature key via a cryptanalytic attack in which the attacker alters the encrypted private key file and captures a single message signed with the signature key.
The digital signature mechanism for the Adobe A
executable
|
arbitrary
|
attackers
|
certified
|
signature
|
mechanism
|
verifies
|
plug-in
|
digital
|
Acrobat
|
execute
|
making
|
viewer
|
appear
|
signed
|
header
|
Adobe
|
which
|
allow
|
mode
|
only
|
code
|
PDF
|
can
|
The digital signature mechanism for the Adobe Acrobat PDF viewer only verifies the PE header of executable code for a plug-in, which can allow attackers to execute arbitrary code in certified mode by making the plug-in appear to be signed by Adobe.
Multiple signedness errors (mixed signed and un
signedness
|
Multiple
|
errors
|
Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote attackers to cause a denial of service and execute arbitrary code in the rsync client or server.
Signed integer overflow in the bttv_read functi
bttv_read
|
function
|
overflow
|
integer
|
driver
|
Signed
|
bttv
|
Signed integer overflow in the bttv_read function in the bttv driver (bttv-driver.c) in Linux kernel before 2.4.20 has unknown impact and attack vectors.
The default --checksig setting in RPM Package M
--checksig
|
Package
|
Manager
|
default
|
setting
|
RPM
|
The default --checksig setting in RPM Package Manager 4.0.4 checks that a package's signature is valid without listing who signed it, which can allow remote attackers to make it appear that a malicious package comes from a trusted source.
Signed integer vulnerability in libnasl in Ness
vulnerability
|
libnasl
|
integer
|
before
|
Nessus
|
Signed
|
Signed integer vulnerability in libnasl in Nessus before 2.0.6 allows local users with plugin upload privileges to cause a denial of service (core dump) and possibly execute arbitrary code by causing a negative argument to be provided to the insstr function as used in a NASL script.
Mozilla Firefox before the Preview Release, Moz
Release
|
Preview
|
Mozilla
|
Firefox
|
before
|
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 may allow remote attackers to trick users into performing unexpected actions, including installing software, via signed scripts that request enhanced abilities using the enablePrivilege parameter, then modify the meaning of certain security-relevant dialog messages.
ServerAdmin in Mac OS X 10.2.8 through 10.3.5 u
ServerAdmin
|
Mac
|
ServerAdmin in Mac OS X 10.2.8 through 10.3.5 uses the same example self-signed certificate on each system, which allows remote attackers to decrypt sessions.
X.509 Certificate Signature Verification in Gnu
Verification
|
Certificate
|
transport
|
Signature
|
security
|
library
|
layer
|
X509
|
Gnu
|
X.509 Certificate Signature Verification in Gnu transport layer security library (GnuTLS) 1.0.16 allows remote attackers to cause a denial of service (CPU consumption) via certificates containing long chains and signed with large RSA keys.
KMail 1.7.1 in KDE 3.3.2 allows remote attacker
KMail
|
KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email information, such as whether the email has been digitally signed or encrypted, via HTML formatted email.
Linux kernel 2.6.10 and 2.6.11rc1-bk6 uses diff
kernel
|
Linux
|
Linux kernel 2.6.10 and 2.6.11rc1-bk6 uses different size types for offset arguments to the proc_file_read and locks_read_proc functions, which leads to a heap-based buffer overflow when a signed comparison causes negative integers to be used in a positive context.
Scrapland 1.0 and earlier allows remote attacke
attackers
|
Scrapland
|
service
|
earlier
|
denial
|
allows
|
remote
|
cause
|
Scrapland 1.0 and earlier allows remote attackers to cause a denial of service (server termination) by triggering an error, which is treated as a fatal error by the server, as demonstrated using (1) signed integers for size values, (2) an invalid model, (3) a "newpos" value that is less than or equal to a size value, or (4) partial packets.
Integer signedness error in certain older versi
Mtp-Target
|
signedness
|
versions
|
library
|
Integer
|
certain
|
error
|
older
|
used
|
NeL
|
Integer signedness error in certain older versions of the NeL library, as used in Mtp-Target 1.2.2 and earlier, and possibly other products, allows remote attackers to cause a denial of service (memory consumption or server crash) via a negative value in a STLport call, which is not caught by a signed comparison.
The __VIEWSTATE functionality in Microsoft ASP.
cryptographically
|
functionality
|
__VIEWSTATE
|
attackers
|
Microsoft
|
service
|
remote
|
denial
|
ASPNET
|
signed
|
allows
|
cause
|
not
|
The __VIEWSTATE functionality in Microsoft ASP.NET 1.x, when not cryptographically signed, allows remote attackers to cause a denial of service (CPU consumption) via deeply nested markup.
Scorched 3D 39.1 (bf) and earlier allows remote
Scorched
|
Scorched 3D 39.1 (bf) and earlier allows remote attackers to cause a denial of service (long loop and server hang) via a negative numplayers value that bypasses a signed check in ServerConnectHandler.cpp.
tunnelform.yaws in Nortel SSL VPN 4.2.1.6 allow
tunnelformyaws
|
Nortel
|
VPN
|
SSL
|
tunnelform.yaws in Nortel SSL VPN 4.2.1.6 allows remote attackers to execute arbitrary commands via a link in the a parameter, which is executed with extra privileges in a cryptographically signed Java Applet.
The procfs code (proc_misc.c) in Linux 2.6.14.3
procfs
|
code
|
The procfs code (proc_misc.c) in Linux 2.6.14.3 and other versions before 2.6.15 allows attackers to read sensitive kernel memory via unspecified vectors in which a signed value is added to an unsigned value.
Integer signedness error in the i386_set_ldt ca
i386_set_ldt
|
signedness
|
possibly
|
versions
|
service
|
earlier
|
Integer
|
FreeBSD
|
allows
|
denial
|
cause
|
error
|
users
|
local
|
call
|
down
|
Integer signedness error in the i386_set_ldt call in FreeBSD 5.5, and possibly earlier versions down to 5.2, allows local users to cause a denial of service (crash) via unspecified arguments that use negative signed integers to cause the bzero function to be called with a large length parameter, a different vulnerability than CVE-2006-4172.
Integer signedness error in FreeBSD 6.0-RELEASE
signedness
|
60-RELEASE
|
FreeBSD
|
Integer
|
service
|
denial
|
allows
|
error
|
cause
|
local
|
users
|
Integer signedness error in FreeBSD 6.0-RELEASE allows local users to cause a denial of service (memory corruption and kernel panic) via a PT_LWPINFO ptrace command with a large negative data value that satisfies a signed maximum value check but is used in an unsigned copyout function call.
IBM Lotus Domino 7.0.x before 7.0.3 does not re
Domino
|
before
|
Lotus
|
IBM
|
70x
|
IBM Lotus Domino 7.0.x before 7.0.3 does not revalidate the signature on a signed scheduled agent after the agent is modified, which allows remote authenticated users to gain privileges via a modified agent in a server database.
Software vulnerabilities results 1 to 20 of 50
Page:
1
2
3
►