Code injection

OpenOffice.org aka StarOffice 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user...

CVE-2006-2198

OpenOffice.org aka StarOffice 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user...

CVE-2006-2198

OpenOffice.org aka StarOffice 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user...

CVE-2006-2198

CVE-2006-2198 affects OpenOffice.org/StarOffice from 1.1.x (up to 1.1.5) and 2.0.x before 2.0.3. A user‑supplied OpenOffice document containing a malicious BASIC macro can execute without prompting, enabling the macro to run with the current user’s privileges. This can lead to unauthorized activi...

CVE-2006-2198

OpenOffice.org aka StarOffice 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user...

Multiple OpenOffice security vulnerabilities

BASIC macro auto launch without user intercation, Java applet sandbox protection bypass, XML parsing buffer overflow...

CVE-2006-3094

Multiple SQL injection vulnerabilities in Calendarix Basic 0.7.20060401 and earlier, with magicquotesgpc disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter in 1 calevent.php and 2 calpopup.php...

CVE-2006-3094

CVE-2006-3094 affects Calendarix Basic 0.7.20060401 and earlier. The vulnerability is an SQL injection in the id parameter of cal_event.php and cal_popup.php when magic_quotes_gpc is disabled, allowing remote attackers to execute arbitrary SQL commands. This is evidenced by multiple public adviso...

CVE-2006-3094

Multiple SQL injection vulnerabilities in Calendarix Basic 0.7.20060401 and earlier, with magicquotesgpc disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter in 1 calevent.php and 2 calpopup.php...

BASE <= 1.2.4 melissa (Snort Frontend) Remote Inclusion Vulnerabilities

No description provided by source. Basic Analysis and Security Engine BASE = 1.2.4 melissa Inclusion Vulnerabilities Just glanced over BASE for a pentesting job. /str0ke ! milw0rm.com code baseqrycommon.php includeonce"$BASEpath/includes/basesignature.inc.php"; /code...

Monit <= 4.2 Remote Root Buffer Overflow Exploit

Exploit for linux platform in category remote exploits ================================================ Monit include include include include define BUFFSIZE 2048 define PADDING 40 define EXPSIZE 256+4+PADDING define MAXARCH 2 struct eos char arch; unsigned long ret; targets = "Monit-4.2-Gentoo",...

CVE-2006-1505

basemaintenance.php in Basic Analysis and Security Engine BASE before 1.2.4 melissa, when running in standalone mode, allows remote attackers to bypass authentication, possibly by setting the standalone parameter to "yes"...

Too Long Basic Authentication DoS Vulnerability

It was possible to kill the web server by sending a request with a too long Basic authentication field. SPDX-FileCopyrightText: 2004 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Incomplete Basic Authentication DoS Vulnerability

It was possible to kill the web server by sending an invalid request with an incomplete Basic authentication. SPDX-FileCopyrightText: 2004 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier...

ICECast < 2.0.1 HTTP Basic Authorization DoS Vulnerability

ICECast is prone to a remote denial of service DoS vulnerability. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Directory Scanner (HTTP)

HTTP based detection of various common dirs on the remote web server. SPDX-FileCopyrightText: 2005 Digital Defense Inc. SPDX-FileCopyrightText: Improved code and additional directories since 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C...

security flaw

The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote attackers to cause a denial of service infinite loop via unknown vectors...

XML-RPC Library &lt;= 1.3.0 (xmlrpc.php) Remote Code Injection Exploit

No description provided by source. tested and working /str0ke !/usr/bin/perl ilo-- This program is no GPL or has nothing to do with FSF, but some code was ripped from romansoft.. sorry, too lazy! xmlrpc bug by James from GulfTech Security Research. http://pear.php.net/bugs/bug.php?id=4692 xmlrpc...

CVE-2001-1496

Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 through 2.20 allows remote attackers to cause a denial of service and possibly execute arbitrary code...

CVE-2001-1496

CVE-2001-1496 affects thttpd (Acme Labs) with an off-by-one buffer overflow in Basic Authentication across versions 1.95–2.20. The underlying issue is a buffer overflow in the Basic Auth handling, enabling remote attackers to cause a denial of service and potentially execute arbitrary code. Explo...