260 matches found
Mozilla javascript crash (MFSA 2011-12)
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19, 3.6.x before 3.6.17, and 4.x before 4.0.1; Thunderbird before 3.1.10; and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execut...
Fedora Update for galeon FEDORA-2010-18775
Check for the Version of galeon OpenVAS Vulnerability Test Fedora Update for galeon FEDORA-2010-18775 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Fedora Update for epiphany FEDORA-2008-9669
Check for the Version of epiphany OpenVAS Vulnerability Test Fedora Update for epiphany FEDORA-2008-9669 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
pcre integer overflow
Integer overflow in Perl-Compatible Regular Expression PCRE library before 6.7 might allow context-dependent attackers to execute arbitrary code via a regular expression that involves large 1 min, 2 max, or 3 duplength values that cause an incorrect length calculation and trigger a buffer overflo...
openSUSE 10 Security Update : seamonkey (seamonkey-2250)
This security update brings Mozilla SeaMonkey to version 1.0.6. Please also see http://www.mozilla.org/projects/security/known-vulnerabilities.html for more details. It includes fixes to the following security problems: MFSA2006-65: Is split into 3 sub-entries, for ongoing stability improvements ...
CVE-2007-0777
The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via certain vectors that trigger memory corruption...
CVE-2006-1742
The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly handle temporary variables that are not garbage collected, which might allow remote attackers to trigger operations on freed memo...
CVE-2005-0430
The Quake 3 engine, as used in multiple game packages, allows remote attackers to cause a denial of service shutdown game server and possibly crash the server via a long infostring, possibly triggering a buffer overflow...
CVE-2004-1207
The Serious engine, as used in 1 Alpha Black Zero Intrepid Protocol 1.04 and earlier, 2 Nitro family, and 3 Serious Sam Second Encounter 1.07 allows remote attackers to cause a denial of service server crash via a large number of UDP join requests that exceeds the maximum player limit, as...
adv17.txt
+| Advisory 17. Search Engine & Directory by Turbo Seek Software: Search Engine & Directory Powered by Turbo Seek Vendor: FocalMedia.Net http://www.focalmedia.net Vulnerability: âîçìîæíîñòü ÷òåíèÿ ôàéëîâ Risk: ñðåäíèé Date: 10'Sept 2004 discovered by durito -duritoatmaildotru- HTTP: www.lwb57.org...
Serious Sam Engine 1.0.5 - Remote Denial of Service
Serious Sam Engine 1.0.5 - Remote Denial of Service // source: https://www.securityfocus.com/bid/8936/info It has been reported that Serious Sam game engine is vulnerable to a remote denial of service vulnerability due to a failure to handle exceptional conditions. This issue occurs when the clie...
PHPNuke SQL Injection
PHPNuke SQL Injection 2-18-2003 http://CGIshield.com How to steal the password hash of the Admin user on PHPnuke 6.0 & 5.6 windows+linux method 1 PHPnuke, a widely used open-source web portal system, has been found to contain a remotely exploitable SQL injection bug, which allows stealing of the...
Epic Games Unreal Engine 436 - URL Directory Traversal
source: https://www.securityfocus.com/bid/6775/info It has been reported that a directory traversal vulnerability exists in several games using some versions of the Unreal Engine. It is possible for attackers to traverse outside of the game's installation directory using directory traversal...
Microsoft SQL Server 2000 / Microsoft Jet 4.0 Engine - Unicode Buffer Overflow (PoC)
source: https://www.securityfocus.com/bid/5057/info Microsoft SQL Server is prone to a remotely exploitable unicode-based buffer overflow condition. This condition occurs when the OpenDataSource function is used with MS Jet Engine. This issue may be exploited to execute attacker-supplied...
AHG Search Engine 1.0 - 'search.cgi' Arbitrary Command Execution
source: https://www.securityfocus.com/bid/3985/info Search.CGI is a component of the HTMLsearch Search Engine software distributed by AHG. The software is available for the Unix, Linux, and Microsoft platforms. The search.cgi script included with the AHG Search Engine does not adequately filter...
RFP2K04: Mining BlackICE with RFPickAxe
---/ RFP2K04 /----------------------------/ rfp.labs / wiretrip /--------- Mining BlackICE with RFPickAxe Remote command execution on BlackICE ICECap stations ------------------------------------/ rain forest puppy / [email protected] Table of contents: -/ 1 / For the Black Hats -/ 2 / For the Whi...
Internet Security Systems ICECap Manager 2.0.23 - Default Username and Password
Internet Security Systems ICECap Manager 2.0.23 - Default Username and Password source: https://www.securityfocus.com/bid/1216/info ICECap Manager is a management console for BlackICE IDS Agents and Sentries. By default, ICECap Manager listens on port 8081, transmits alert messages to another...
AltaVista Search Intranet 2.0 b2.3 - Directory Traversal
AltaVista Search Intranet 2.0 b2.3 - Directory Traversal source: https://www.securityfocus.com/bid/896/info The AltaVista Search engine sets up a webserver at port 9000 to listen for search queries. The main search function will accept a single '../' string in the query, providing access to all...
RFP9905.zeus.remote.root.txt
--- Advisory RFP9905 ------------------------------- rfp.labs ----------- Remote root compromise via Zeus webserver Zeus-search vulnerability --------------------------------- rain forest puppy / [email protected] -- Table of contents: - 1. Scope of problem - 2. Solution - 3. Miscellaneous Updates...
CVE-1999-1130
Default configuration of the search engine in Netscape Enterprise Server 3.5.1, and possibly other versions, allows remote attackers to read the source of JHTML files by specifying a search command using the HTML-tocrec-demo1.pat pattern file...