CVE-2003-0485

CVE-2003-0485 describes a buffer overflow in Progress 4GL Compiler 9.1D06 and earlier. The vulnerability occurs when compiling source code containing a long, invalid data type, potentially allowing an attacker to execute arbitrary code. According to the provided documents, the exploit details are...

SRT2003-06-20-1232 - Progress 4GL Compiler datatype overflow

Secure Network Operations, Inc. http://www.secnetops.com Strategic Reconnaissance Team [email protected] Team Lead Contact [email protected] Our Mission: Secure Network Operations offers expertise in Networking, Intrusion Detection Systems...

CVE-2002-2281

Symantec Java! JIT Just-In-Time Compiler for Netscape Communicator 4.0 through 4.8 allows remote attackers to execute arbitrary Java commands via an applet that uses a jump call, which is not correctly compiled by the JIT compiler...

CVE-2002-1940

LCC-Win32 3.2 compiler, when running on Windows 95, 98, or ME, writes portions of previously used memory after the import table, which could allow attackers to gain sensitive information. NOTE: it has been reported that this problem is due to the OS and not the application...

Symantec Java! JustInTime Compiler 210.65 - Command Execution

Symantec Java! JustInTime Compiler 210.65 - Command Execution source: https://www.securityfocus.com/bid/6222/info A vulnerability has been discovered in the Java! JustInTime compiled used by Netscape Communicator, related to the generation of Intel instructions from specially constructed Java...

Symantec Java! JustInTime Compiler 210.65 - Command Execution

source: https://www.securityfocus.com/bid/6222/info A vulnerability has been discovered in the Java! JustInTime compiled used by Netscape Communicator, related to the generation of Intel instructions from specially constructed Java bytecode. If a malicous applet is compiled by the vulnerable...

Multiple compilers "erased" memory reading

Multiple secure programs use something like memsetbuf, 0, len to erase keys, passwords, etc from memory. The problem is this code can be eliminated by compiler during optimization process...

RUS-CERT Advisory 2002-08:02: Flaw in calloc and similar routines

Flaw in calloc and similar routines Integer overflow can occur during the computation of the memory region size by calloc and similar functions. As a result, the function returns a buffer which is too small, possibly resulting in a subsequent buffer overflow. Who Should Read This Document This...

CVE-2002-0271

Runtime library in GNU Ada compiler GNAT 3.12p through 3.14p allows local users to modify files of other users via a symlink attack on temporary files...

CVE-2002-0271

Runtime library in GNU Ada compiler GNAT 3.12p through 3.14p allows local users to modify files of other users via a symlink attack on temporary files...

CVE-2002-0271

CVE-2002-0271 affects the GNU Ada compiler (GNAT) versions 3.12p through 3.14p. The issue arises from a symlink attack on temporary files, allowing local users to modify files belonging to other users. The resulting impact is limited to integrity (partial) and requires local access; no remote or ...

CVE-2000-1219

The -ftrapv compiler option in gcc and g++ 3.3.3 and earlier does not handle all types of integer overflows, which may leave applications vulnerable to vulnerabilities related to overflows...

Linux news 1.09.00

Ядро 2.4.0-test10-pre2 В этом патче для ядра содержатся исправления в функциях vmalloc и ioremap с удаленийм функции setpgdir. Исправления включены только для одной архитектуры x86. Разработчикам для других платформ также рекомендуется просмотреть код этих изменений и исправить свой код. Подробне...

CVE-2000-0629

The default configuration of the Sun Java web server 2.0 and earlier allows remote attackers to execute arbitrary commands by uploading Java code to the server via board.html, then directly calling the JSP compiler servlet...

CVE-2000-0578

SGI MIPSPro compilers (C, C++, F77, F90) populate /tmp with predictable temporary file names. This allows a local attacker to modify contents of those files while a build is performed by another user, as described in CVE-2000-0578. The vulnerability stems from how temporary files are created duri...

CVE-2000-0629

The default configuration of the Sun Java web server 2.0 and earlier allows remote attackers to execute arbitrary commands by uploading Java code to the server via board.html, then directly calling the JSP compiler servlet...

Проблемы временных файлов в IRIX

компиляторы MIPSPro, cron создают временные файлы с предсказуемыми именами, что позволяет пользователю подменить или получить доступ к содержимому этих файлов...

Linux news 20.04.00

The GUI Toolkit, Framework Page Страничка сравнительного анализа средств библиотек построения пользовательского интерфейса: The GUI Toolkit,Framework Page Подробнее: http://atai.org/guitool/ gtk для MacOS В списке рассылки gtk-list появилось сообщение, что gtk портируется на MacOS порты gtk...

CVE-1999-0745

Buffer overflow in Source Code Browser Program Database Name Server Daemon pdnsd for the IBM AIX C Set ++ compiler...

CVE-1999-0745

Buffer overflow in Source Code Browser Program Database Name Server Daemon pdnsd for the IBM AIX C Set ++ compiler...