7667 matches found
Adobe Acrobat Reader (UNIX) 5.0 6 Xpdf 0.9x Hyperlinks - Arbitrary Command Execution
Adobe Acrobat Reader UNIX 5.0 6 Xpdf 0.9x Hyperlinks - Arbitrary Command Execution source: https://www.securityfocus.com/bid/7912/info A vulnerability has been reported for multiple PDF viewers for Unix variant operating systems. The problem is said to occur when hyperlinks have been enabled with...
Adobe Acrobat Reader (UNIX) 5.0 6 / Xpdf 0.9x Hyperlinks - Arbitrary Command Execution
source: https://www.securityfocus.com/bid/7912/info A vulnerability has been reported for multiple PDF viewers for Unix variant operating systems. The problem is said to occur when hyperlinks have been enabled within the viewer. Allegedly, by placing a specially formatted hyperlink within a PDF...
CVE-2003-0354
Unknown vulnerability in GNU Ghostscript before 7.07 allows attackers to execute arbitrary commands, even when -dSAFER is enabled, via a PostScript file that causes the commands to be executed from a malicious print job...
AIX 4.3.35.x - Getlvcb Command Line Argument Buffer Overflow (1)
AIX 4.3.35.x - Getlvcb Command Line Argument Buffer Overflow 1 source: https://www.securityfocus.com/bid/9905/info getlvcb has been reported to be prone to a buffer overflow vulnerability. When an argument is passed to the getlvcb utility, the string is copied into a reserved buffer in memory. Da...
RedHat 9.0 / Slackware 8.1 - '/bin/mail' Carbon Copy Field Buffer Overrun
source: https://www.securityfocus.com/bid/7760/info A vulnerability has been discovered in the Linux /bin/mail utility. The problem occurs when processing excessive data within the carbon copy field. Due to insufficient bounds checking while parsing this information it may be possible to trigger ...
Samba 2.2.x - call_trans2open Remote Buffer Overflow (3)
Samba 2.2.x - calltrans2open Remote Buffer Overflow 3 // source: https://www.securityfocus.com/bid/7294/info A buffer overflow vulnerability has been reported for Samba. The problem occurs when copying user-supplied data into a static buffer. By passing excessive data to an affected Samba server,...
Samba 2.2.x - 'call_trans2open' Remote Buffer Overflow (3)
// source: https://www.securityfocus.com/bid/7294/info A buffer overflow vulnerability has been reported for Samba. The problem occurs when copying user-supplied data into a static buffer. By passing excessive data to an affected Samba server, it may be possible for an anonymous user to corrupt...
unhappycgi.txt
Advisory URL: http://securitytracker.com/alerts/2003/May/1006707.html Vendor: Happycgi.com Product: Happymall Versions: 4.3, 4.4 Title: Happymall E-Commerce Input Validation Flaw Lets Remote Users Execute Arbitrary Commands Description: Revin Aldi reported an input validation vulnerability in the...
HappyMall Multiple Script Arbitrary Command Execution
There is a flaw HappyMall that could allow an attacker to execute arbitrary commands with the privileges of the HTTP daemon typically root or nobody, by making a request like : /shop/normalhtml.cgi?file=|id| In addition, memberhtml.cgi has been reported vulnerable. However, Nessus has not checked...
CVE-2003-0171
DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program...
IkonBoard 3.1 - Lang Cookie Arbitrary Command Execution (2)
IkonBoard 3.1 - Lang Cookie Arbitrary Command Execution 2 source: https://www.securityfocus.com/bid/7361/info It has been reported that IkonBoard is prone to an arbitrary command execution vulnerability. The vulnerability is due to insufficient sanitization performed on user supplied cookie data...
StockMan Shopping Cart shop.plx page Parameter Arbitrary Command Execution
The remote host is running the StockMan shopping cart. According to the version number of the CGI shop.plx, there is a flaw in this installation that could allow an attacker to execute arbitrary commands on this host, and which could also allow him to obtain your list of customers or their credit...
[SECURITY] [DSA 296-1] New kdebase packages fix arbitrary command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 296-1 [email protected] http://www.debian.org/security/ Martin Schulze April 30th, 2003 http://www.debian.org/security/faq -...
DSA-296 kdebase - insecure execution
Bulletin has no description...
CVE-2003-0084
The CVE-2003-0084 issue affects the mod_auth_any Apache module included in Red Hat Enterprise Linux 2.1 (and other OS) where arguments passed to external programs are not properly escaped. This enables remote attackers to execute arbitrary commands via shell metacharacters, potentially running co...
Kerio Personal Firewall 2.1.x - Remote Authentication Packet Buffer Overflow (1)
source: https://www.securityfocus.com/bid/7180/info A buffer-overflow vulnerability has been discovered in Kerio Personal Firewall. The problem occurs during the administration authentication process. An attacker could exploit this vulnerability by forging a malicious packet containing an excessi...
[SECURITY] [DSA 294-1] New gkrellm-newsticker packages fix DoS and arbitrary command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 294-1 [email protected] http://www.debian.org/security/ Martin Schulze April 23rd, 2003 http://www.debian.org/security/faq -...
[SECURITY] [DSA 293-1] New kdelibs packages fix arbitrary command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 293-1 [email protected] http://www.debian.org/security/ Martin Schulze April 23rd, 2003 http://www.debian.org/security/faq -...
Security problems in gkrellm-newsticker
Brian Campbell discovered two security-related problems in gkrellm-newsticker, a plugin for the gkrellm system monitor program, which provides a news ticker from RDF feeds. The following IDs were assigned: CAN-2003-0205 gkrellm-newsticker can launch a web browser of the user's choice when the...
DSA-293 kdelibs - insecure execution
Bulletin has no description...