Lucene search
K

1034 matches found

OSV
OSV
added 2006/12/10 2:28 a.m.2 views

DEBIAN-CVE-2006-5874

Clam AntiVirus ClamAV 0.88 and earlier allows remote attackers to cause a denial of service crash via a malformed base64-encoded MIME attachment that triggers a null pointer dereference...

5CVSS8.7AI score0.02568EPSS
Exploits0References1
OSV
OSV
added 2006/12/10 2:28 a.m.11 views

CVE-2006-6406

Clam AntiVirus ClamAV 0.88.6 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file...

6.3AI score
Exploits0References14
Cvelist
Cvelist
added 2006/12/10 2:0 a.m.27 views

CVE-2006-6406

Clam AntiVirus ClamAV 0.88.6 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file...

6.2AI score0.03081EPSS
Exploits1References13
Debian CVE
Debian CVE
added 2006/12/10 2:0 a.m.23 views

CVE-2006-6406

Clam AntiVirus ClamAV 0.88.6 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file...

5CVSS6.3AI score0.03081EPSS
Exploits1
Cvelist
Cvelist
added 2006/12/10 2:0 a.m.20 views

CVE-2006-6405

BitDefender Mail Protection for SMB 2.0 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file...

6.6AI score0.01274EPSS
Exploits1References3
Cvelist
Cvelist
added 2006/12/10 2:0 a.m.29 views

CVE-2006-6407

F-Prot Antivirus for Linux x86 Mail Servers 4.6.6 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file...

6.7AI score0.02042EPSS
Exploits1References3
securityvulns
securityvulns
added 2006/12/08 12:0 a.m.42 views

Multiple Vendor Unusual MIME Encoding Content Filter Bypass

Several e-mail virus scanners can be tricked into passing an EICAR test file if the following conditions are met: 1. the EICAR file is encoded in Base64 including characters not in the standard alphabet e.g. whitespaces and 2. the part containing the EICAR file is nested within one or several...

0.3AI score
Exploits0
seebug.org
seebug.org
added 2006/11/02 12:0 a.m.48 views

MailEnable SMTP NTLM认证多个安全漏洞

MailEnable是一款商业性质的POP3和SMTP服务器。 MailEnable的NTLM认证过程中SMTP连接器存在3个预认证漏洞。 1. 在处理NTLM Type1消息的签名字段时存在缓冲区溢出,可能导致执行任意代码; 2. 在处理base64编码的NTLM Type1消息中安全缓冲区时存在越界读取,可能导致拒绝服务; 3. 在Type3消息的base64编码过程中存在越界读取,可能导致执行任意代码。 MailEnable MailEnable Professional 2.0 MailEnable MailEnable Enterprise 2.0...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2005/08/12 12:0 a.m.40 views

MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit)

$Id: mdaemoncrammd5.rb 9583 2010-06-22 19:11:05Z todb $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

4.6CVSS7AI score0.88509EPSS
Exploits12
0day.today
0day.today
added 2005/08/09 12:0 a.m.116 views

Wordpress <= 1.5.1.3 Remote Code Execution 0-Day Exploit

Exploit for unknown platform in category web applications ======================================================== Wordpress = 1.5.1.3 Remote Code Execution 0-Day Exploit ======================================================== ?php echo "Wordpress = 1.5.1.3 - remote code execution 0-DDAAYY...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2005/05/10 12:0 a.m.12 views

NukeET 3.03.1 - Base64 Codigo Variable Cross-Site Scripting

NukeET 3.03.1 - Base64 Codigo Variable Cross-Site Scripting source: https://www.securityfocus.com/bid/13570/info NukeET is prone to a cross-site scripting vulnerability. The source of this issue is that HTML and script code is not properly sanitized from URI variables before being output in a...

6.8AI score
Exploits0
Cvelist
Cvelist
added 2005/02/17 5:0 a.m.28 views

CVE-2005-0456

Opera 7.54 and earlier does not properly validate base64 encoded binary data in a data: RFC 2397 URL, which causes the URL to be obscured in a download dialog, which may allow remote attackers to trick users into executing arbitrary code...

6.4AI score0.03403EPSS
Exploits0References6
Gentoo Linux
Gentoo Linux
added 2005/01/31 12:0 a.m.33 views

ClamAV: Multiple issues

Background ClamAV is an antivirus toolkit. It includes a multi-threaded daemon and a command line scanner. Description ClamAV fails to properly scan ZIP files with special headers CAN-2005-0133 and base64 encoded images in URLs. Impact By sending a base64 encoded image file in a URL an attacker...

5CVSS6.3AI score0.02547EPSS
Exploits0
securityvulns
securityvulns
added 2004/11/15 12:0 a.m.38 views

Eudora 6.2 attachment spoof

Eudora 6.2 ==6.2.0.14 for Windows was released on 8 Nov 04. The release notes http://www.eudora.com/download/eudora/windows/6.2/RelNotes.txt say: SECURITY -------- Fixed cases where attachments could be spoofed via base64 or quoted-printable encoded plain-text, inline MIME parts. Some cases remai...

0.8AI score
Exploits0
securityvulns
securityvulns
added 2004/10/11 12:0 a.m.31 views

Eudora 6.2.0.7 attachment spoof

Eudora 6.2.0.7 for Windows is in beta testing since 8 Oct 2004. The release notes http://www.eudora.com/download/eudora/windows/6.2/Betas/RelNotes.txt say: SECURITY -------- Fixed cases where attachments could be spoofed via base64 or quoted-printable encoded plain-text, inline MIME parts. Not so...

7AI score
Exploits0
FreeBSD
FreeBSD
added 2004/07/30 12:0 a.m.13 views

ripMIME -- decoding bug allowing content filter bypass

ripMIME may prematurely terminate decoding Base64 encoded messages when it encounters multiple blank lines or other non-standard Base64 constructs. Virus scanning and content filtering tools that use ripMIME may therefore be bypassed. The ripMIME CHANGELOG file says: There's viruses going around...

0.6AI score
Exploits0References4
securityvulns
securityvulns
added 2004/07/08 12:0 a.m.21 views

Eudora 6.1.2 attachment spoof

Eudora 6.1.2 for Windows was released on 21 June 2004. The release notes http://www.eudora.com/download/eudora/windows/6.1.2/RelNotes.txt say: SECURITY Fixed case where attachments could be spoofed via base64 encoded plain-text, inline MIME parts. Not so. Harmless demo below. Cheers, Paul Szabo -...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2004/04/14 12:0 a.m.27 views

ServerAlive weak encryption

Passwords are stored in text file in base64 format...

1.8AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2002/08/16 12:0 a.m.32 views

PHP-Nuke v5.6 - Users can compromise admin accts.

Tested on PHP-Nuke v5.6 with Mozilla on Linux should work on past versions and on most browsers Impact: --------------------------------------------- Allows any user to get admin access to a PHP-Nuke site. Summary: ---------------------------------------------- Due to a XSS flaw in PHPNuke's...

6.1AI score
Exploits0
NVD
NVD
added 2002/07/23 4:0 a.m.16 views

CVE-2002-0670

The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 uses Base64 encoded usernames and passwords for HTTP basic authentication, which allows remote attackers to steal and easily decode the passwords via sniffing...

7.5CVSS6.8AI score0.01635EPSS
Exploits0References3
Rows per page
Query Builder