2418 matches found
CVE-2005-3346
Buffer overflow in the environment variable substitution code in main.c in OSH 1.7-14 allows local users to inject arbitrary environment variables, such as LDPRELOAD, via pathname arguments of the form "$VAR/EVAR=arg", which cause the EVAR portion to be appended to a buffer returned by a getenv...
CVE-2005-3346
Buffer overflow in the environment variable substitution code in main.c in OSH 1.7-14 allows local users to inject arbitrary environment variables, such as LDPRELOAD, via pathname arguments of the form "$VAR/EVAR=arg", which cause the EVAR portion to be appended to a buffer returned by a getenv...
CVE-2005-3346
CVE-2005-3346 affects osh (OSHevironment) 1.7-14, where a buffer overflow in the environment variable substitution code (main.c) can be triggered by pathname args like "$VAR/EVAR=arg". This allows a local attacker to inject arbitrary environment variables (e.g., LD_PRELOAD) and, per Debian's advi...
wu-ftpd ls -W memory exhaustion
The FTP server does not filter arguments to the ls command. It is possible to consume all available memory on the machine by sending ls '-w 1000000 -C' See http://www.guninski.com/binls.html OpenVAS Vulnerability Test $Id: wuftpdlsDoS.nasl 6053 2017-05-01 09:02:51Z teissa $ Description: wu-ftpd l...
CVE-2004-2515
Technical details for CVE-2004-2515 are not publicly available in the provided documents. The description notes a format-string vulnerability in VMware Workstation 4.5.2 but no specifics on affected components, root cause, or fixes are included here. Monitor for updates.
CVE-2005-3301
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin before 2.6.4-pl3 allow remote attackers to inject arbitrary web script or HTML via certain arguments to 1 left.php, 2 queryframe.php, or 3 serverdatabases.php...
CVE-2005-3301
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin before 2.6.4-pl3 allow remote attackers to inject arbitrary web script or HTML via certain arguments to 1 left.php, 2 queryframe.php, or 3 serverdatabases.php...
VisualBoyAdvanced Nintendo emulator buffer overflow
Buffer overflow on command line arguments parsing...
DEBIAN-CVE-2005-2772
Multiple stack-based buffer overflows in University of Minnesota gopher client 3.0.9 allow remote malicious servers to execute arbitrary code via 1 a long "+VIEWS:" reply, which is not properly handled in the VIfromLine function, and 2 certain arguments when launching third party programs such as...
CVE-2005-2655
lockmail in maildrop before 1.5.3 does not drop privileges before executing commands, which allows local users to gain privileges via command line arguments...
CVE-2005-2505
Buffer overflow in CoreFoundation in Mac OS X 10.3.9 allows attackers to execute arbitrary code via command line arguments to an application that uses CoreFoundation...
CVE-2005-2505
Buffer overflow in CoreFoundation in Mac OS X 10.3.9 allows attackers to execute arbitrary code via command line arguments to an application that uses CoreFoundation...
CVE-2005-2483
Eval injection vulnerability in Karrigell before 2.1.8 allows remote attackers to execute arbitrary Python code via modified arguments to a Karrigell services .ks script, which can reference functions from libraries that are used by that script...
CVE-2005-2236
CVE-2005-2236 describes a format string vulnerability in the paginit command for IBM AIX 5.3 (and possibly other versions). The issue could allow local users to execute arbitrary code via format strings supplied in command line arguments. This is a local privilege concern with an impact described...
CVE-2005-2236
Format string vulnerability in the paginit command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via format strings in command line arguments...
Fast n Furious DtDNS Updater information leak
Command line arguments are visible in process list...
[SA15544] Fast n Furious DtDNS Updater Command Line Argument Disclosure
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
CVE-2005-0974
Unknown vulnerability in the nfsmount call in Mac OS X 10.3.9 and earlier allows local users to gain privileges via crafted arguments...
CVE-2005-0973
Unknown vulnerability in the setsockopt system call in Mac OS X 10.3.9 and earlier allows local users to cause a denial of service memory exhaustion via crafted arguments...
CVE-2005-0974
Unknown vulnerability in the nfsmount call in Mac OS X 10.3.9 and earlier allows local users to gain privileges via crafted arguments...