Lucene search
K

1280 matches found

Packet Storm
Packet Storm
added 2008/06/05 12:0 a.m.23 views

psys-sql.txt

pSys - 0.7.0. alpha shownews SQL Injection Bug by: h0yt3r Bug in here: if isset$REQUEST'shownews' && $REQUEST'shownews' != "" $sqlbefehl="Select titel from $tabnews Where id = '".intval$REQUEST'shownews'."'"; $gettitel = mysqlquery$sqlbefehl,$serverid; $news=mysqlfetcharray$gettitel; $pagetitle =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/06/05 12:0 a.m.28 views

pSys 0.7.0.a - 'shownews' SQL Injection

pSys - 0.7.0. alpha shownews SQL Injection Bug by: h0yt3r Bug in here: if isset$REQUEST'shownews' && $REQUEST'shownews' != "" $sqlbefehl="Select titel from $tabnews Where id = '".intval$REQUEST'shownews'."'"; $gettitel = mysqlquery$sqlbefehl,$serverid; $news=mysqlfetcharray$gettitel; $pagetitle =...

7.4AI score
Exploits0
Prion
Prion
added 2007/08/28 6:17 p.m.15 views

Design/Logic Flaw

Sophos Anti-Virus for Windows and for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted UPX packed file, resulting from an "integer cast around". NOTE: as of 20070828, the vendor says this is a DoS and the...

6.8CVSS8.3AI score0.07296EPSS
Exploits0References10Affected Software3
NVD
NVD
added 2007/07/25 5:30 p.m.19 views

CVE-2007-3969

Buffer overflow in Panda Antivirus before 20070720 allows remote attackers to execute arbitrary code via a crafted EXE file, resulting from an "Integer Cast Around."...

9.3CVSS7.8AI score0.05718EPSS
Exploits0References7
Prion
Prion
added 2007/07/24 5:30 p.m.12 views

Buffer overflow

Multiple buffer overflows in Norman Antivirus 5.90 allow remote attackers to execute arbitrary code via a crafted 1 ACE or 2 LZH file, resulting from an "integer cast around."...

7.5CVSS8.3AI score0.09252EPSS
Exploits0References14Affected Software1
NVD
NVD
added 2007/07/24 5:30 p.m.19 views

CVE-2007-3951

Multiple buffer overflows in Norman Antivirus 5.90 allow remote attackers to execute arbitrary code via a crafted 1 ACE or 2 LZH file, resulting from an "integer cast around."...

7.5CVSS7.7AI score0.09252EPSS
Exploits0References14
NVD
NVD
added 2007/07/24 5:30 p.m.11 views

CVE-2007-3952

The OLE2 parsing in Norman Antivirus before 5.91.02 allows remote attackers to bypass the malware detection via a crafted DOC file, resulting from an "integer cast around"...

7.5CVSS6.6AI score0.05285EPSS
Exploits0References9
Prion
Prion
added 2007/07/24 5:30 p.m.13 views

Design/Logic Flaw

The OLE2 parsing in Norman Antivirus before 5.91.02 allows remote attackers to bypass the malware detection via a crafted DOC file, resulting from an "integer cast around"...

7.5CVSS7.1AI score0.05285EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2007/07/24 5:0 p.m.21 views

CVE-2007-3952

The OLE2 parsing in Norman Antivirus before 5.91.02 allows remote attackers to bypass the malware detection via a crafted DOC file, resulting from an "integer cast around"...

6.6AI score0.05285EPSS
Exploits0References9
Cvelist
Cvelist
added 2007/07/24 5:0 p.m.22 views

CVE-2007-3951

Multiple buffer overflows in Norman Antivirus 5.90 allow remote attackers to execute arbitrary code via a crafted 1 ACE or 2 LZH file, resulting from an "integer cast around."...

7.7AI score0.09252EPSS
Exploits0References14
Prion
Prion
added 2007/06/01 1:30 a.m.12 views

Buffer overflow

Buffer overflow in the file parsing engine in Avira Antivir Antivirus before 7.03.00.09 allows remote attackers to execute arbitrary code via a crafted LZH archive file, resulting from an "integer cast around."...

10CVSS8.1AI score0.07526EPSS
Exploits0References11Affected Software2
CVE
CVE
added 2007/06/01 1:0 a.m.52 views

CVE-2007-2974

The CVE-2007-2974 entry concerns Avira AntiVir Antivirus (pre-7.03.00.09). The vulnerability is a buffer overflow in the file parsing engine when handling LZH archives, caused by an integer cast around in the parsing path, enabling remote code execution. The connected NVD entry confirms impact to...

10CVSS7.8AI score0.07526EPSS
Exploits0References11Affected Software2
Prion
Prion
added 2007/05/24 6:30 p.m.13 views

Heap overflow

Heap-based buffer overflow in the SIS unpacker in avast! Anti-Virus Managed Client before 4.7.700 allows user-assisted remote attackers to execute arbitrary code via a crafted SIS archive, resulting from an "integer cast around."...

9.3CVSS8.3AI score0.07738EPSS
Exploits0References9Affected Software1
NVD
NVD
added 2007/05/24 6:30 p.m.15 views

CVE-2007-2846

Heap-based buffer overflow in the SIS unpacker in avast! Anti-Virus Managed Client before 4.7.700 allows user-assisted remote attackers to execute arbitrary code via a crafted SIS archive, resulting from an "integer cast around."...

9.3CVSS8AI score0.07738EPSS
Exploits0References9
Cvelist
Cvelist
added 2007/04/06 1:0 a.m.39 views

CVE-2007-1889

Integer signedness error in the zendmmallocint function in the Zend Memory Manager in PHP 5.2.0 allows remote attackers to execute arbitrary code via a large emalloc request, related to an incorrect signed long cast, as demonstrated via the HTTP SOAP client in PHP, and via a call to msgreceive wi...

7.4AI score0.03088EPSS
Exploits0References8
Cvelist
Cvelist
added 2007/01/04 6:0 p.m.20 views

CVE-2007-0051

Format string vulnerability in Apple iPhoto 6.0.5 316, and other versions before 6.0.6, allows remote user-assisted attackers to execute arbitrary code via a crafted photocast with format string specifiers in the title of an RSS iPhoto feed...

7.2AI score0.09037EPSS
Exploits1References12
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.33 views

CVE-2002-0076

Java Runtime Environment JRE Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in 1 Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, 2 Netscape 6.2.1 and earlier, and...

7.1AI score0.26861EPSS
Exploits0References4
NVD
NVD
added 2002/03/19 5:0 a.m.28 views

CVE-2002-0076

Java Runtime Environment JRE Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in 1 Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, 2 Netscape 6.2.1 and earlier, and...

7.5CVSS7.1AI score0.26861EPSS
Exploits0References4
Cvelist
Cvelist
added 2000/06/02 4:0 a.m.16 views

CVE-2000-0327

Microsoft Virtual Machine VM allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, aka the "Virtual Machine Verifier" vulnerability...

7.1AI score0.1161EPSS
Exploits0References2
NVD
NVD
added 1999/10/21 4:0 a.m.11 views

CVE-2000-0327

Microsoft Virtual Machine VM allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, aka the "Virtual Machine Verifier" vulnerability...

7.6CVSS7.1AI score0.1161EPSS
Exploits0References2
Rows per page
Query Builder