CVE-2008-0624

Buffer overflow in the YMP Datagrid ActiveX control datagrid.dll in Yahoo! JukeBox 2.2.2.56 allows remote attackers to execute arbitrary code via a long argument to the AddButton method, a different vulnerability than CVE-2008-0623...

CVE-2008-0623

Stack-based buffer overflow in the YMP Datagrid ActiveX control datagrid.dll in Yahoo! Music Jukebox 2.2.2.056 allows remote attackers to execute arbitrary code via a long argument to the AddImage method...

CVE-2008-0624

Yahoo! Music Jukebox ActiveX/DataGrid (datagrid.dll) on Yahoo! Jukebox 2.2.2.56/056 is affected by stack-based buffer overflows in AddImage and AddButton methods, enabling remote code execution via a long string argument. Versions referenced include 2.2.2.56 and 2.2.2.056. No vendor patch is evid...

Yahoo! Music Jukebox YMP Datagrid ActiveX control stack buffer overflows

Overview The Yahoo! Music Jukebox YMP Datagrid ActiveX control contains multiple stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Yahoo! Music Jukebox is a music player for Microsoft Windows, which includes...

Fedora 7 : php-pear-Structures-DataGrid-DataSource-MDB2-0.1.10-1.fc7 (2007-0847)

Security fix: users could manipulate the generated sorting queries Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

Design/Logic Flaw

Unspecified vulnerability in the fetch function in MDB2.php in PEAR Structures-DataGrid-DataSource-MDB2 0.1.9 and earlier allows attackers to "manipulate the generated sorting queries."...

CVE-2007-3628

Unspecified vulnerability in the fetch function in MDB2.php in PEAR Structures-DataGrid-DataSource-MDB2 0.1.9 and earlier allows attackers to "manipulate the generated sorting queries."...

CVE-2007-3628

Unspecified vulnerability in the fetch function in MDB2.php in PEAR Structures-DataGrid-DataSource-MDB2 0.1.9 and earlier allows attackers to "manipulate the generated sorting queries."...

CVE-2007-3628

CVE-2007-3628 affects PEAR Structures-DataGrid-DataSource-MDB2 up to version 0.1.9, specifically the fetch function in MDB2.php. The vulnerability allows attackers to manipulate generated sorting queries. The connected documents confirm the affected component and the general impact, but do not pr...

[SECURITY] Fedora 7 Update: php-pear-Structures-DataGrid-DataSource-MDB2-0.1.10-1.fc7

This is a DataSource driver for StructuresDataGrid using PEAR::MDB2 and an SQL query...

ASP.NET __VIEWSTATE crypto validation prone to replay attacks

Good morning, ASP.NET's extremely popular VIEWSTATE functionality provides an automatic, uniform method for storing current state of all webpage "controls" including form fields, database views, etc, so that user-entered data automagically persists and is populated across newly rendered HTML, and...