107 matches found
CVE-2010-0825
lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks...
Mandriva Update for initscripts MDVA-2010:083 (initscripts)
Check for the Version of initscripts OpenVAS Vulnerability Test Mandriva Update for initscripts MDVA-2010:083 initscripts Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
CVE-2009-0825
TinX CMS is vulnerable to an SQL injection in the rss.php module. Affected: TinX CMS 3.x before 3.5.1. Root cause: user input passed to the id parameter is not properly sanitized, allowing remote attackers to craft requests (e.g., /system/rss.php?id=1'SQL-code) to trigger arbitrary SQL execution....
[Positive Technologies SA:2009-13] TinX CMS 3.x SQL Injection Vulnerability
---------------------------------------------------------------------- PT-2009-13 Positive Technologies Security Advisory TinX CMS SQL Injection vulnerability ---------------------------------------------------------------------- --- Affected Software TinX CMS Versions 3.x prior to 3.5.1 Product...
CVE-2009-0825
creationtimestamp| type| source ---|---|--- 2009-03-06 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/32843...
CVE-2008-0825
Claroline before 1.8.9 contains an SQL injection vulnerability exploitable by remote attackers via unspecified vectors, allowing arbitrary SQL execution. The issue is documented across multiple sources (NVD and CVE records). No concrete exploit details, vector specifics, or patch information are ...
CVE-2007-0825
FlashFXP 3.4.0 build 1145 allows remote servers to cause a denial of service CPU consumption via a response to a PWD command that contains a long string with deeply nested directory structure, possibly due to a buffer overflow...
CVE-2007-0825
FlashFXP 3.4.0 build 1145 is affected by a denial-of-service vulnerability that can be triggered by a remote server sending a response to a PWD command containing a very long string with a deeply nested directory structure, potentially causing a buffer overflow and high CPU usage. The issue is do...
CVE-2006-0825
The CVE-2006-0825 entry concerns Xerox WorkCentre devices (Pro and WorkCentre lines) running software 13.027.24.015 and 14.027.24.015, where the ESS/Network Controller and MicroServer Web Server contain multiple vulnerabilities that allow remote attackers to bypass authentication or gain unauthor...
CVE-2005-0825
Buffer overflow in LTris before 1.0.10 allows local users to execute arbitrary code via a crafted highscores file...
CVE-2005-0825
CVE-2005-0825 affects LTris prior to 1.0.10. A buffer overflow triggered by a crafted highscores file allows local users to run arbitrary code. The description and connected sources state the vulnerability is local-rights elevation with a potential to execute code on the affected host, but no exp...
CVE-2004-0825
QuickTime Streaming Server in Mac OS X Server 10.2.8, 10.3.4, and 10.3.5 allows remote attackers to cause a denial of service application deadlock via a certain sequence of operations...
MS04-006: WINS Server Remote Overflow (830352) (uncredentialed check)
The remote Windows Internet Naming Service WINS is affected by a vulnerability that could allow an attacker to execute arbitrary code on this host. To exploit this flaw, an attacker would need to send a specially crafted packet with improperly advertised lengths. C Tenable Network Security, Inc...
CVE-2004-0825
CVE-2004-0825 affects Apple QuickTime Streaming Server used in Mac OS X Server versions 10.2.8, 10.3.4, and 10.3.5. The vulnerability allows a remote attacker to cause a denial-of-service (application deadlock) through a specific sequence of operations. The NVD entry provides a Network attack vec...
CVE-2004-0825
QuickTime Streaming Server in Mac OS X Server 10.2.8, 10.3.4, and 10.3.5 allows remote attackers to cause a denial of service application deadlock via a certain sequence of operations...
CVE-2001-0825
The CVE-2001-0825 entry concerns xinetd prior to 2.1.8.8, where a buffer overflow in internal string handling routines enables remote command execution. The vulnerability stems from a length argument of zero or less, which disables the length check and may allow an attacker to run arbitrary comma...
CVE-2003-0825
CVE-2003-0825 concerns the Windows Internet Naming Service (WINS) in Windows NT/2000/Server 2003 families, where malformed packets with improper lengths bypass WINS’ length validation. The result is a remote denial of service on Windows Server 2003 and, for older platforms, potential denial of se...
MS04-006: WINS Server Remote Overflow (830352)
The remote Windows Internet Naming Service WINS is vulnerable to a flaw that could allow an attacker to execute arbitrary code on this host. To exploit this flaw, an attacker would need to send a specially crafted packet with improperly advertised lengths. C Tenable Network Security, Inc...
CVE-2002-0825
Buffer overflow in the DNS SRV code for nssldap before nssldap-198 allows remote attackers to cause a denial of service and possibly execute arbitrary code...
CVE-2002-0825
Buffer overflow in the DNS SRV code for nssldap before nssldap-198 allows remote attackers to cause a denial of service and possibly execute arbitrary code...