Memory corruption

gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag DF from being reset in violation of ABI conventions and cause data to be copied in the wrong direction during signa...

CVE-2008-1367

gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag DF from being reset in violation of ABI conventions and cause data to be copied in the wrong direction during signa...

Xoops-2.0.16 Remote File Inclusion

In the Script Xoops-2.0.16 are Remote File Inclusion Bugs +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Script : xoops-2.0.16-Kararli Discovered By : F10 Contact : [email protected] WebSite : http://by-f10.com Greetz : byemR3 , H0tturk , TaRanTuLa , gsy...

Apache 2.2.6 mod_negotiation - HTML Injection HTTP Response Splitting

Apache 2.2.6 modnegotiation - HTML Injection HTTP Response Splitting source: https://www.securityfocus.com/bid/27409/info Apache 'modnegotiation' is prone to an HTML-injection and an HTTP response-splitting vulnerability because the application fails to properly sanitize user-supplied input befor...

Apache 2.2.6 mod_negotiation - HTML Injection / HTTP Response Splitting

source: https://www.securityfocus.com/bid/27409/info Apache 'modnegotiation' is prone to an HTML-injection and an HTTP response-splitting vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML o...

Debian Security Advisory DSA 1170-1 (gcc-3.4)

The remote host is missing an update to gcc-3.4 announced via advisory DSA 1170-1. Jürgen Weigert discovered that upon unpacking JAR archives fastjar from the GNU Compiler Collection does not check the path for included files and allows to create or overwrite files in upper directories. OpenVAS...

Debian: Security Advisory (DSA-1170)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 1400-1 (perl)

The remote host is missing an update to perl announced via advisory DSA 1400-1. OpenVAS Vulnerability Test $Id: deb14001.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1400-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian Security Advisory DSA 811-1 (common-lisp-controller)

The remote host is missing an update to common-lisp-controller announced via advisory DSA 811-1. Francois-Rene Rideau discovered a bug in common-lisp-controller, a Common Lisp source and compiler manager, that allows a local user to compile malicious code into a cache directory which is executed ...

[SECURITY] Fedora 7 Update: kdevelop-3.5.0-4.fc7

The KDevelop Integrated Development Environment provides many features that developers need as well as providing a unified interface to programs like gdb, the C/C++ compiler, and make. KDevelop manages or provides: All development tools needed for C++ programming like Compiler, Linker, automake a...

Ubuntu 5.10 / 6.06 LTS : mono vulnerability (USN-357-1)

Sebastian Krahmer of the SuSE security team discovered that the System.CodeDom.Compiler classes used temporary files in an insecure way. This could allow a symbolic link attack to create or overwrite arbitrary files with the privileges of the user invoking the program. Under some circumstances, a...

CVE-2002-2281

Symantec Java! JIT Just-In-Time Compiler for Netscape Communicator 4.0 through 4.8 allows remote attackers to execute arbitrary Java commands via an applet that uses a jump call, which is not correctly compiled by the JIT compiler...

CVE-2002-2281

Technical details about CVE-2002-2281 are not publicly available in the provided connected documents. Monitor for updates from authoritative sources.

PHP Webquest 2.5 - id_actividad SQL Injection

PHP Webquest 2.5 - idactividad SQL Injection / script name : phpwebquest script version : 2.5 script website : http://phpwebquest.org Bug Finder : D4realTeaM 'unkn0wnX','n3t-mapper','ToxiC350'; injected file : webquest/soportederechaw.php Variable : idactividad Contact : n3t-mapp3r At hotmail dot...

CVE-2007-3855

Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to have an unknown impact via 1 SYS.DBMSDRS in the DataGuard component DB03, 2 SYS.DBMSSTANDARD in the PL/SQL component DB10, 3 MDSYS.RTREEIDX in the...

Design/Logic Flaw

Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to have an unknown impact via 1 SYS.DBMSDRS in the DataGuard component DB03, 2 SYS.DBMSSTANDARD in the PL/SQL component DB10, 3 MDSYS.RTREEIDX in the...

CVE-2007-3855

CVE-2007-3855 affects multiple Oracle Database versions (9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3) with vulnerabilities in the DataGuard component (SYS.DRMS), the PL/SQL component (SYS.DBMS_STANDARD), the Spatial component (MDSYS.RTREE_IDX), and the SQL Compiler (DB17). The description no...

CVE-2007-3855

Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to have an unknown impact via 1 SYS.DBMSDRS in the DataGuard component DB03, 2 SYS.DBMSSTANDARD in the PL/SQL component DB10, 3 MDSYS.RTREEIDX in the...

Oracle Database - SQL Compiler Views Unauthorized Manipulation

Oracle Database - SQL Compiler Views Unauthorized Manipulation source: https://www.securityfocus.com/bid/24887/info Oracle has released a Critical Patch Update advisory for July 2007 to address multiple vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected...

Microsoft .NET Framework JIT编译器远程溢出漏洞（MS07-040）

BUGTRAQ ID: 24811 CVECAN ID: CVE-2007-0043 Microsoft .NET Framework是一个流行的软件开发工具包。 .NET Framework JIT编译器处理包含恶意数据的网页时存在漏洞，远程攻击者可能利用此漏洞控制用户系统。 .NET Framework...