CVE-2017-6799
A cross-site scripting (XSS) vulnerability in view_filters_page.php in MantisBT before 2.2.1 allows remote attackers to inject arbitrary JavaScript via the ‘view_type’ parameter.
Source: CVE-2017-6799
[월:] 2017년 03월
CVE-2017-6802
CVE-2017-6802
An issue was discovered in ytnef before 1.9.2. There is a potential heap-based buffer over-read on incoming Compressed RTF Streams, related to DecompressRTF() in libytnef.
Source: CVE-2017-6802
CVE-2017-6801
CVE-2017-6801
An issue was discovered in ytnef before 1.9.2. There is a potential out-of-bounds access with fields of Size 0 in TNEFParse() in libytnef.
Source: CVE-2017-6801
CVE-2017-6804
CVE-2017-6804
A Stored XSS Vulnerability exists in the WP Markdown Editor (aka wp-markdown-editor) plugin 2.0.3 for WordPress. An example attack vector is a crafted IMG element in Add New Post or Edit Post.
Source: CVE-2017-6804
CVE-2017-6800
CVE-2017-6800
An issue was discovered in ytnef before 1.9.2. An invalid memory access (heap-based buffer over-read) can occur during handling of LONG data types, related to MAPIPrint() in libytnef.
Source: CVE-2017-6800
CVE-2017-6798
CVE-2017-6798
Trend Micro Endpoint Sensor 1.6 before b1290 has a DLL hijacking vulnerability that allows remote attackers to execute arbitrary code, aka Trend Micro Vulnerability Identifier 2015-0208.
Source: CVE-2017-6798
CVE-2017-6506
CVE-2017-6506
In Azure Data Expert Ultimate 2.2.16, the SMTP verification function suffers from a buffer overflow vulnerability, leading to remote code execution. The attack vector is a crafted SMTP daemon that sends a long 220 (aka "Service ready") string.
Source: CVE-2017-6506
CVE-2015-2330 (webkitgtk)
CVE-2015-2330 (webkitgtk)
Late TLS certificate verification in WebKitGTK+ prior to 2.6.6 allows remote attackers to view a secure HTTP request, including, for example, secure cookies.
Source: CVE-2015-2330 (webkitgtk)
CVE-2017-6313 (gdk-pixbuf)
CVE-2017-6313 (gdk-pixbuf)
Integer underflow in the load_resources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (out-of-bounds read and program crash) via a crafted image entry size in an ICO file.
Source: CVE-2017-6313 (gdk-pixbuf)
CVE-2017-6311 (gdk-pixbuf)
CVE-2017-6311 (gdk-pixbuf)
gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to printing an error message.
Source: CVE-2017-6311 (gdk-pixbuf)