532 matches found
Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : cups, cupsys vulnerability (USN-1012-1)
Emmanuel Bouillon discovered that CUPS did not properly handle certain Internet Printing Protocol IPP packets. A remote attacker could use this flaw to cause a denial of service or possibly execute arbitrary code. In the default installation in Ubuntu 8.04 LTS and later, attackers would be isolat...
CVE-2010-1012
CVE-2010-1012 affects the TYPO3 CleanDB (nf_cleandb) extension, up to version 1.0.7, with a SQL injection vulnerability that allows remote attackers to execute arbitrary SQL commands via unspecified vectors. The issue is documented across multiple feeds (NVD, Red Hat listing, CVE records) with id...
CVE-2009-1012
Affected software: Oracle BEA WebLogic Server plug-ins for Apache and IIS web servers (versions 7.0 Gold–SP7, 8.1 Gold–SP6, 9.0/9.1/9.2 Gold–MP3, 10.0 Gold–MP1, 10.3). The vulnerability is described as an integer overflow in an unspecified plug-in that parses HTTP requests, potentially causing a ...
CVE-2008-1012
The CVE-2008-1012 issue affects Apple AirPort Extreme Base Station Firmware 7.3.1, where the AFP protocol handler fails input validation on malformed requests. The vulnerability allows remote attackers to trigger a denial of service, causing the file sharing service to hang. Affected component: A...
Debian Security Advisory DSA 407-1 (ethereal)
The remote host is missing an update to ethereal announced via advisory DSA 407-1. OpenVAS Vulnerability Test $Id: deb4071.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 407-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian Security Advisory DSA 1012-1 (unzip)
The remote host is missing an update to unzip announced via advisory DSA 1012-1. A buffer overflow in the command line argument parsing has been discovered in unzip, the de-archiver for ZIP files that could lead to the execution of arbitrary code. For the old stable distribution woody this proble...
Debian Security Advisory DSA 407-1 (ethereal)
The remote host is missing an update to ethereal announced via advisory DSA 407-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-1012-1 : unzip - buffer overflow
A buffer overflow in the command line argument parsing has been discovered in unzip, the de-archiver for ZIP files, that could lead to the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
CVE-2006-1012
SQL injection vulnerability in WordPress 1.5.2, and possibly other versions before 2.0, allows remote attackers to execute arbitrary SQL commands via the User-Agent field in an HTTP header for a comment...
CVE-2006-1012
CVE-2006-1012 describes a SQL injection in WordPress 1.5.2, and possibly earlier versions before 2.0, where an attacker can cause arbitrary SQL execution through the User-Agent header of a comment HTTP request. OpenVAS GLSA 200603-01 and related entries confirm WordPress as the affected software,...
CVE-2005-1012
CVE-2005-1012 is an XSS vulnerability in Iatek SiteEnable. The issue allows remote attackers to inject arbitrary web script or HTML through (1) contenttype in content.asp, (2) the title, or (3) the description. The NVD entry confirms the affected component as SiteEnable and the impact is reflecte...
CVE-2004-1012
The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command "bodyp" that is treated as a different command "body.peek" and causes an index increment error that leads to an out-of-bounds memory...
Fedora Core 3 : cyrus-imapd-2.2.10-1.fc3 (2004-487)
Fix several buffer overflow problems that could be used as an exploit. Fixes the following security advisories: CVE-2004-1011 CVE-2004-1012 CVE-2004-1013 CVE-2004-1015 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...
Fedora Core 2 : cyrus-imapd-2.2.10-1.fc2 (2004-489)
Fix several buffer overflow problems that could be used as an exploit. Fixes the following security advisories: CVE-2004-1011 CVE-2004-1012 CVE-2004-1013 CVE-2004-1015 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...
CVE-2004-1012
CVE-2004-1012 affects Cyrus IMAP Server 2.2.6 and earlier. The vulnerability arises in the PARTIAL command argument parsing: a command like body[ p is treated as body.peek, triggering an index increment error and out-of-bounds memory corruption that enables remote authenticated code execution. Co...
CVE-2004-1012
The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command "bodyp" that is treated as a different command "body.peek" and causes an index increment error that leads to an out-of-bounds memory...
CVE-2004-1012
The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command "bodyp" that is treated as a different command "body.peek" and causes an index increment error that leads to an out-of-bounds memory...
CVE-2003-1012
The SMB dissector in Ethereal before 0.10.0 allows remote attackers to cause a denial of service via a malformed SMB packet that triggers a segmentation fault during processing of Selected packets...
CVE-2003-1012
CVE-2003-1012 relates to Ethereal (Wireshark predecessor). The SMB dissector in Ethereal before 0.10.0 is vulnerable to remote denial of service via a malformed SMB packet that triggers a segmentation fault during processing of selected packets. Several vendor advisories (Red Hat RHSA-2004:002, D...
CVE-2003-1012
The SMB dissector in Ethereal before 0.10.0 allows remote attackers to cause a denial of service via a malformed SMB packet that triggers a segmentation fault during processing of Selected packets...