95 matches found
CVE-2004-0972
CVE-2004-0972 concerns the lvmcreate_initrd helper in the Trustix/ lvm package (lvm1) where a temporary-directory creation flaw enables a local attacker to perform a symlink-based overwrite of arbitrary files. The described root cause is insecure handling of temporary files by the script, allowin...
CVE-2004-0972
The lvmcreateinitrd script in the lvm package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files...
CVE-2003-0972
Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of ";" semicolon characters in escape sequences, which leads to a buffer overflow...
CVE-2003-0972
...
CVE-2003-0972
Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of ";" semicolon characters in escape sequences, which leads to a buffer overflow...
CVE-2003-0972
Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of ";" semicolon characters in escape sequences, which leads to a buffer overflow...
CVE-2003-0972
CVE-2003-0972 affects the GNU screen terminal multiplexer with an integer overflow in the handling of escape sequences (long sequences with semicolons), leading to a buffer overflow. Public advisories (e.g., Debian DSA-408) confirm local privilege escalation by gaining group utmp privileges and l...
CVE-2003-0972
Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of ";" semicolon characters in escape sequences, which leads to a buffer overflow...
CVE-2002-0972
CVE-2002-0972 affects PostgreSQL 7.2 with buffer overflows in lpad() and rpad() (and related functions) that can cause a denial of service and may allow arbitrary code execution when crafted input is processed by the server. Connected sources corroborate multiple vendor advisories (Debian DSA 165...
CVE-2001-0972
Surf-Net ASP Forum before 2.30 uses easily guessable cookies based on the UserID, which allows remote attackers to gain administrative privileges by calculating the value of the admin cookie UserID 1, i.e. "0888888."...
CVE-2001-0972
The CVE-2001-0972 entry concerns Surf-Net ASP Forum prior to version 2.30, where admin cookies are derived from the UserID and are easily guessable (example: admin cookie for UserID 1 is “0888888”). This creates a remote‑attack risk: a attacker could calculate the admin cookie and gain administra...
CVE-2000-0972
HP-UX 11.00 crontab allows local users to read arbitrary files via the -e option by creating a symlink to the target file during the crontab session, quitting the session, and reading the error messages that crontab generates...
CVE-1999-0972
CVE-1999-0972 describes a buffer overflow in the Xshipwars xsw program. The vulnerability is reported with a CVSS v2 base score of 7.5 (HIGH), with network attack vector, low access complexity, no authentication, and partial impacts to confidentiality, integrity, and availability. The provided do...
CVE-1999-0972
Buffer overflow in Xshipwars xsw program...
CVE-2013-0972
CVE-2013-0972 entry is rejected/not used as explicitly stated.