CVE-2003-1050

Multiple buffer overflows in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via long command line arguments to 1 db2start, 2 db2stop, or 3 db2govd...

WinRAR 1.0 - Local Buffer Overflow

/ WinRar local buffer overflow exploit V1.0 Coded By ATmaCA Copyright © 2004 ProGroup Software, Inc. E-Mail:[email protected] Web:www.prohack.net Usage:\r\nexploit Targets: 1 - WinXP SP1 user32.dll 0x77D718FC 2 - WinXP SP2 user32.dll 0x77D8AF0A Example:exploit 1 myrar.rar / / All WinRar 2.x seri...

FreeBSD-SA-04:14.cvs

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:14.cvs.asc Security Advisory The FreeBSD Project Topic: CVS Category: contrib Module: cvs Announced: 2004-09-19 Credits: Stefan Esser, Sebastian Krahmer, Derek...

RHEL 2.1 : lha (RHSA-2004:440)

An updated lha package that fixes a buffer overflow is now available. LHA is an archiving and compression utility for LHarc format archives. Lukasz Wojtow discovered a stack-based buffer overflow in all versions of lha up to and including version 1.14. A carefully created archive could allow an...

Important: Red Hat Security Advisory: lha security update

An updated lha package that fixes a buffer overflow is now available. LHA is an archiving and compression utility for LHarc format archives. Lukasz Wojtow discovered a stack-based buffer overflow in all versions of lha up to and including version 1.14. A carefully created archive could allow an...

QNX PPPoEd 2.44.256.2 - Multiple Local Buffer Overrun Vulnerabilities

QNX PPPoEd 2.44.256.2 - Multiple Local Buffer Overrun Vulnerabilities source: https://www.securityfocus.com/bid/11104/info QNX PPPoEd is reported to be prone to multiple local buffer overflow vulnerabilities. The issues presents themselves when PPPoEd handles certain command line arguments that a...

security flaw

Buffer overflow in LHA 1.14 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors related to "command line processing," a different vulnerability than CVE-2004-0771. NOTE: this issue may be REJECTED if there are not any case...

CVE-2002-1253

Technical details for CVE-2002-1253 are not publicly available in the provided documents; monitor for updates from official advisories.

CVE-2002-1253

Abuse 2.00 and earlier allows local users to gain privileges via command line arguments that specify alternate Lisp scripts that run at escalated privileges, which can contain functions that execute commands or modify files...

CVE-2004-1681

Multiple buffer overflows in 1 phrelay-cfg, 2 phlocale, 3 pkg-installer, or 4 input-cfg in QNX Photon microGUI for QNX RTP 6.1 allow local users to gain privileges via a long -s server command line parameter...

CVE-2003-1051

CVE-2003-1051 affects IBM DB2 Universal Database 8.1. It describes multiple format-string vulnerabilities that could allow local users to execute arbitrary code via certain command-line arguments to db2start, db2stop, or db2govd. Root cause: format string handling issues in the involved binaries....

CVE-2003-1051

Multiple format string vulnerabilities in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via certain command line arguments to 1 db2start, 2 db2stop, or 3 db2govd...

CVE-2003-1050

Multiple buffer overflows in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via long command line arguments to 1 db2start, 2 db2stop, or 3 db2govd...

Mozilla Firefox 3.x < 3.0.1 Multiple Vulnerabilities

Binary data 4591.prm...

Mozilla Firefox < 2.0.0.16 / 3.0.1 Multiple Vulnerabilities

Binary data 4588.prm...

a2ps -- insecure command line argument handling

Rudolf Polzer reports: a2ps builds a command line for file containing an unescaped version of the file name, thus might call external programs described by the file name. Running a cronjob over a public writable directory a2ps-ing all files in it - or simply typing "a2ps .txt" in /tmp - is...

Microsoft Internet Explorer 6 - mms Protocol Handler Executable Command Line Injection

source: https://www.securityfocus.com/bid/10879/info A vulnerability has been reported to exist in Microsoft Internet Explorer that may allow remote attackers to pass arbitrary command line arguments to an application associated with the mms: URI protocol handler. Windows Media Player is the...

Microsoft Internet Explorer 6 - mms Protocol Handler Executable Command Line Injection

Microsoft Internet Explorer 6 - mms Protocol Handler Executable Command Line Injection source: https://www.securityfocus.com/bid/10879/info A vulnerability has been reported to exist in Microsoft Internet Explorer that may allow remote attackers to pass arbitrary command line arguments to an...

Mandrake Linux Security Advisory : fileutils/coreutils (MDKSA-2003:106)

A memory starvation denial of service vulnerability in the ls program was discovered by Georgi Guninski. It is possible to allocate a huge amount of memory by specifying certain command-line arguments. It is also possible to exploit this remotely via programs that call ls such as wu-ftpd although...

RHEL 2.1 : fileutils (RHSA-2003:310)

Updated fileutils packages that close a potential denial of service vulnerability are now available. The fileutils package contains several basic system utilities. One of these utilities is the 'ls' program, which is used to list information about files and directories. Georgi Guninski discovered...