.:[ packet storm ]:.
                         
plan for the worst
plan for the worst

 ///  File Name:oCERT-2009-009.txt
Description:
CamlImages versions 2.2 and below suffer from several integer overflows which may lead to a potentially exploitable heap overflow and result in arbitrary code execution. The vulnerability is triggered by PNG image parsing, the read_png_file and read_png_file_as_rgb24 functions do not properly validate the width and height of the image. Specific PNG images with large width and height can be crafted to trigger the vulnerability.
Author:Andrea Barisani
Homepage:http://www.ocert.org/
File Size:1607
Related CVE(s):CVE-2009-2295
Last Modified:Jul 2 15:01:23 2009
MD5 Checksum:4fa5917b93622cf557fa89435814a10b

 .:. Back
 

 ///  Last 10 Files
  1. :· TA10-068A.txt
  2. :· tor.uclibc.i686.20100309.iso
  3. :· CORE-2009-1103.txt
  4. :· CORE-2009-0813.txt
  5. :· rivercms-sql.txt
  6. :· MDVSA-2010-058.txt
  7. :· nusnewssystem-sql.txt
  8. :· jevci-disclose.txt
  9. :· ZDI-10-026.txt
  10. :· mhproducts-sql.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Advisories
  1. :· TA10-068A.txt
  2. :· CORE-2009-1103.txt
  3. :· CORE-2009-0813.txt
  4. :· MDVSA-2010-058.txt
  5. :· ZDI-10-026.txt
  6. :· HPSBMA02489-SSRT090065.txt
  7. :· ZDI-10-025.txt
  8. :· dsa-2008-1.txt
  9. :· USN-907-1.txt
  10. :· MDVSA-2010-057.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Exploits
  1. :· rivercms-sql.txt
  2. :· nusnewssystem-sql.txt
  3. :· jevci-disclose.txt
  4. :· mhproducts-sql.txt
  5. :· easyftp.rb.txt
  6. :· energizer_duo_payload.rb.txt
  7. :· orbital_viewer_orb.rb.txt
  8. :· rsstatic-sql.txt
  9. :· uebimiauwebmail-disclose.txt
  10. :· aef-xss.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Tools
  1. :· tor.uclibc.i686.20100309.iso
  2. :· reverberation.c
  3. :· Ravage.zip
  4. :· reglookup-0.12.0.tar.gz
  5. :· khc_0.2.tar.gz
  6. :· geoipgen-0.4.tar.gz
  7. :· nessus-xmlrpc-0.3.tar.gz
  8. :· openssh-5.4p1.tar.gz
  9. :· AdvancedWinServiceManager.zip
  10. :· kolang-bypass.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Misc
  1. :· exploit-writing-tutorial-part-9-win32-shellcoding.pdf
  2. :· exploit-writing-tutorial-part-8-win32-egg-hunt.pdf
  3. :· codegate2010.txt
  4. :· jitednotepad-shellcode.txt
  5. :· jitedstage0-shellcode.txt
  6. :· Writing-JIT-Spray-Shellcode.pdf
  7. :· execve-md.c
  8. :· joomla-rfis.txt
  9. :· GoogleGears_for_Attackers.pdf
  10. :· F_IE_PrisonBreak.pdf
[ Last 20 | Last 50 | Last 100 ]


 .:. TopPrivacy Statement | Copyright Notice