Lucene search
K

7665 matches found

CVE
CVE
added 2001/09/12 4:0 a.m.39 views

CVE-1999-1292

The CVE-1999-1292 entry describes a buffer overflow in the web administration feature of Kolban Webcam32 versions up to 4.8.3 and earlier. The underlying issue is a buffer overflow in the web admin interface that allows remote attackers to execute arbitrary commands by supplying a long URL. No ex...

7.5CVSS8.7AI score0.01994EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2001/09/12 4:0 a.m.127 views

CVE-1999-1376

CVE-1999-1376 targets IIS 4.0 with FrontPage Server Extensions, via the fpcount.exe CGI. The vulnerability is a remote buffer overflow in the fpcount.exe CGI that could allow a remote attacker to execute arbitrary commands on the server, potentially crashing it or taking control. Incident details...

10CVSS7.7AI score0.23962EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2001/09/12 4:0 a.m.15 views

CVE-1999-1334

Multiple buffer overflows in filter command in Elm 2.4 allows attackers to execute arbitrary commands via 1 long From: headers, 2 long Reply-To: headers, or 3 via a long -f filterfile command line argument...

7.7AI score0.01715EPSS
Exploits0References2
Cvelist
Cvelist
added 2001/09/12 4:0 a.m.36 views

CVE-1999-1112

Buffer overflow in IrfanView32 3.07 and earlier allows attackers to execute arbitrary commands via a long string after the "8BPS" image type in a Photo Shop image header...

7.6AI score0.03849EPSS
Exploits1References4
CVE
CVE
added 2001/09/12 4:0 a.m.51 views

CVE-1999-1155

CVE-1999-1155 affects the LakeWeb Mail List CGI script, where remote attackers can execute arbitrary commands by injecting shell metacharacters into the recipient email address. The description specifies a remote command execution risk with network access and no authentication. No explicit patch ...

7.5CVSS8.5AI score0.02375EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2001/09/12 4:0 a.m.48 views

CVE-1999-1261

The provided records describe CVE-1999-1261: a buffer overflow in Rainbow Six Multiplayer triggered by a long nickname (nick) command, enabling remote denial of service and potentially arbitrary command execution. The issue is software-level, affecting Rainbow Six Multiplayer, with network-based ...

5CVSS8.6AI score0.01615EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2001/09/12 4:0 a.m.44 views

CVE-1999-1511

CVE-1999-1511 affects Xtramail 1.11, with buffer overflow issues in multiple services: POP3 PASS, SMTP HELO, and Control Service username. These overflow conditions can crash the service and may allow arbitrary code execution. Nessus plugin entries indicate fixes targeting Xtramail

7.5CVSS7.7AI score0.02166EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2001/09/12 4:0 a.m.48 views

CVE-1999-1334

CVE-1999-1334 : Multiple buffer overflows in the filter command of Elm 2.4 allow an attacker to execute arbitrary commands via (1) long From: headers, (2) long Reply-To: headers, or (3) a long -f (filterfile) command line argument. The connected sources confirm Elm 2.4 as the affected component a...

7.5CVSS8.1AI score0.01715EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2001/09/12 4:0 a.m.15 views

CVE-1999-1154

LakeWeb Filemail CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient email address...

7.7AI score0.02355EPSS
Exploits1References3
CVE
CVE
added 2001/09/12 4:0 a.m.50 views

CVE-1999-1479

CVE-1999-1479 affects the CGI textcounter.pl (Matt Wright) – the installed textcounter CGI allows remote command execution via shell metacharacters. Impact is remote code execution with the privileges of the http daemon (usually root or nobody). Remediation available is to remove the CGI from /cg...

10CVSS7.9AI score0.1187EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2001/09/12 4:0 a.m.55 views

CVE-1999-0808

CVE-1999-0808 highlights multiple buffer overflows in ISC DHCP Distribution server (dhcpd) versions 1.0 and 2.0. The root cause, as documented, is unsafe handling of long options, which can be exploited by a remote attacker to cause a crash and potentially execute arbitrary commands. Affected com...

7.5CVSS8.1AI score0.03241EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2001/09/12 4:0 a.m.46 views

CVE-1999-1502

CVE-1999-1502 affects the Quake 1.9 client. It is due to buffer overflows triggered by long values in four fields (precache paths, server name, server address, argument to the map console command), allowing a remote attacker to execute arbitrary commands on the client. Exploitation details are no...

7.5CVSS8.4AI score0.01936EPSS
Exploits0References3Affected Software1
exploitpack
exploitpack
added 2001/09/08 12:0 a.m.72 views

Hassan Consulting Shopping Cart 1.23 - Arbitrary Command Execution

Hassan Consulting Shopping Cart 1.23 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/3308/info Hassan Consulting's Shopping Cart is commercial web store software. Shopping Cart does not filter certain types of user-supplied input from web requests. This makes it possible f...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2001/09/08 12:0 a.m.66 views

Hassan Consulting Shopping Cart 1.23 - Arbitrary Command Execution

source: https://www.securityfocus.com/bid/3308/info Hassan Consulting's Shopping Cart is commercial web store software. Shopping Cart does not filter certain types of user-supplied input from web requests. This makes it possible for a malicious user to submit a request which causes arbitrary...

7.4AI score
Exploits0
CERT
CERT
added 2001/09/06 12:0 a.m.27 views

Network Associates CSMAP and smap/smapd vulnerable to buffer overflow thereby allowing arbitrary command execution

Overview A remotely exploitable buffer overflow exists in the Gauntlet Firewall. Description The buffer overflow occurs in the smap/smapd and CSMAP daemons. According to PGP Security, these daemons are responsible for handling email transactions for both inbound and outbound e-mail.This...

8.1AI score
Exploits0References1
exploitpack
exploitpack
added 2001/09/01 12:0 a.m.12 views

Irix LPD tagprinter - Command Execution (Metasploit)

Irix LPD tagprinter - Command Execution Metasploit $Id: tagprinterexec.rb 10561 2010-10-06 00:53:45Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing...

0.7AI score0.54115EPSS
Exploits5
exploitpack
exploitpack
added 2001/08/31 12:0 a.m.41 views

Solaris 8.0 LPD - Command Execution (Metasploit)

Solaris 8.0 LPD - Command Execution Metasploit $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

0.834EPSS
Exploits7
CERT
CERT
added 2001/08/21 12:0 a.m.30 views

Aladdin Ghostscript LD_RUN_PATH environment variable allows libraries to be loaded from current directory

Overview Alladin Ghostscript, a previewer for postscript files, uses an insecure value for the LDRUNPATH environment variable. This allows attackers to supply malicious libraries to be loaded from the current directory. Description Alladin Ghostscript is a previewer for postscript files. In...

4.6CVSS7.1AI score0.00405EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2001/08/13 12:0 a.m.139 views

SuSE Support Data Base sbsearch.cgi Arbitrary Command Execution

SuSE CGI 'sdbsearch.cgi' is installed. This CGI allows a local and possibly remote user to execute arbitrary commands with the privileges of the HTTP server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid10720;...

7.5CVSS5.9AI score0.10817EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2001/08/13 12:0 a.m.107 views

NetCode NC Book book.cgi current Parameter Arbitrary Command Execution

The CGI 'book.cgi' is installed. This CGI has a well known security flaw that lets an attacker execute arbitrary commands with the privileges of the http daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include 'compat.inc' ; ifdescription scriptid10721; scriptversion"1.27";...

7.5CVSS5.5AI score0.03588EPSS
Exploits1References1
Rows per page
Query Builder