258 matches found
CVE-2014-6119
IBM Security AppScan Enterprise is affected by CVE-2014-6119. The vulnerability allows remote attackers to execute arbitrary code via a crafted executable file inside an archive. Affected versions are: 8.5 before 8.5 IFix 002; 8.6 before 8.6 IFix 004; 8.7 before 8.7 IFix 004; 8.8 before 8.8 iFix ...
CVE-2014-3684
The tmadopt function in lib/Libifl/tm.c in Terascale Open-Source Resource and Queue Manager aka TORQUE Resource Manager 5.0.x, 4.5.x, 4.2.x, and earlier does not validate that the owner of the process also owns the adopted session id, which allows remote authenticated users to kill arbitrary...
CVE-2014-3684
The tmadopt function in lib/Libifl/tm.c in Terascale Open-Source Resource and Queue Manager aka TORQUE Resource Manager 5.0.x, 4.5.x, 4.2.x, and earlier does not validate that the owner of the process also owns the adopted session id, which allows remote authenticated users to kill arbitrary...
Design/Logic Flaw
The tmadopt function in lib/Libifl/tm.c in Terascale Open-Source Resource and Queue Manager aka TORQUE Resource Manager 5.0.x, 4.5.x, 4.2.x, and earlier does not validate that the owner of the process also owns the adopted session id, which allows remote authenticated users to kill arbitrary...
CVE-2014-3684
The tmadopt function in lib/Libifl/tm.c in Terascale Open-Source Resource and Queue Manager aka TORQUE Resource Manager 5.0.x, 4.5.x, 4.2.x, and earlier does not validate that the owner of the process also owns the adopted session id, which allows remote authenticated users to kill arbitrary...
Mozilla Thunderbird Multiple Vulnerabilities - August12 (Mac OS X)
This host is installed with Mozilla Thunderbird and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillathunderbirdmultvulnaug12macosx.nasl 6074 2017-05-05 09:03:14Z teissa $ Mozilla Thunderbird Multiple Vulnerabilities - August12 Mac OS X Authors: Arun Kallavi Copyrigh...
PT-2011-3362 · Red Hat · Systemtap +1
Name of the Vulnerable Software and Affected Versions: SystemTap version 1.4 Description: The issue allows local users to cause a denial of service, resulting in a divide-by-zero error and OOPS, by utilizing a crafted ELF program with DWARF expressions that are not properly handled by a stap scri...
DEBIAN-CVE-2010-0426
sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges via a crafted executable file, as demonstrated by...
CVE-2010-0426
sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges via a crafted executable file, as demonstrated by...
CVE-2010-0426
sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges via a crafted executable file, as demonstrated by...
PT-2009-4923 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: The issue arises from insufficient validation of data sent from user mode, allowing local users to gain privileges via a crafted PE .exe file. This could lead to a NULL pointe...
DEBIAN-CVE-2008-6680
libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause a denial of service crash via a crafted EXE file that triggers a divide-by-zero error...
CVE-2009-1063
Buffer overflow in eXeScope 6.50 allows user-assisted remote attackers to execute arbitrary code via a crafted executable .exe file...
Code injection
libdayzero.dll in the Filter Hub Service filter-hub.exe in Symantec Mail Security for SMTP before 5.0.1 Patch 181 and Mail Security Appliance before 5.0.0-36 allows remote attackers to cause a denial of service crash via a crafted executable attachment in an e-mail, involving the detection of...
CVE-2007-1792
libdayzero.dll in the Filter Hub Service filter-hub.exe in Symantec Mail Security for SMTP before 5.0.1 Patch 181 and Mail Security Appliance before 5.0.0-36 allows remote attackers to cause a denial of service crash via a crafted executable attachment in an e-mail, involving the detection of...
CVE-2006-1539
Multiple buffer overflows in the checkscores function in scores.c in tetris-bsd in bsd-games before 2.17-r1 in Gentoo Linux might allow local users with games group membership to gain privileges by modifying tetris-bsd.scores to contain crafted executable content, which is executed when another...
security flaw
The loadelflibrary in the Linux kernel before 2.6.11.6 allows local users to cause a denial of service kernel crash via a crafted ELF library or executable, which causes a free of an invalid pointer...
security flaw
The loadelflibrary in the Linux kernel before 2.6.11.6 allows local users to cause a denial of service kernel crash via a crafted ELF library or executable, which causes a free of an invalid pointer...