4759 matches found
FTE fails to properly validate environment variables
Overview FTE contains a vulnerability in the processing of certain environment variables that could allow an attacker to execute arbitrary code. Description FTE is a text editor available for a variety of operating systems. There is a buffer overflow vulnerability in the way FTE performs bounds...
CVE-2003-0607
Buffer overflow in xconq 7.4.1 allows local users to become part of the "games" group via the 1 USER or 2 DISPLAY environment variables...
DEBIAN-CVE-2003-0828
Buffer overflow in freesweep in Debian GNU/Linux 3.0 allows local users to gain "games" group privileges when processing environment variables...
CVE-2003-0828
Buffer overflow in freesweep in Debian GNU/Linux 3.0 allows local users to gain "games" group privileges when processing environment variables...
CVE-2003-0607
CVE-2003-0607 affects the xconq package (version 7.4.1) via a local buffer overflow in the USER and DISPLAY environment variable handling, enabling a local attacker to gain the gid 'games'. Connected sources confirm the issue in Debian advisory DSA-354 for xconq and note that a fix was released (...
CVE-2003-0607
Buffer overflow in xconq 7.4.1 allows local users to become part of the "games" group via the 1 USER or 2 DISPLAY environment variables...
CVE-2003-0828
Buffer overflow in freesweep in Debian GNU/Linux 3.0 allows local users to gain "games" group privileges when processing environment variables...
DSA-445 lbreakout2 - buffer overflow
Bulletin has no description...
MacOS X TruBlueEnvironment buffer overflow
Buffer overflow on environment variables parsing...
CVE-2003-1235
BRW WebWeaver 1.03 allows remote attackers to obtain sensitive server environment information via a URL request for testcgi.exe, which lists the values of environment variables and the current working directory...
CVE-2003-0834
Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via 1 a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, 2 DTSEARCHPATH, or 3 LOGNAME...
CVE-2003-0834
The CVE-2003-0834 issue is a local buffer overflow in the CDE libDtHelp library that allows a local user to execute arbitrary code. The vulnerability is triggered via manipulation of environment-related paths (DTHELPUSERSEARCHPATH, DTHELPSEARCHPATH) or LOGNAME through the Help feature, leading to...
CVE-2003-0834
Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via 1 a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, 2 DTSEARCHPATH, or 3 LOGNAME...
Musicqueue multiple local vulnerabilities
======================================== INetCop Security Advisory 2003-0x82-020 ======================================== Title: Musicqueue multiple local vulnerabilities 0x01. Description Musicqueue is a CGI music jukebox using external tools to play the files. Because of that it supports severa...
TEXONET-20030902.txt
----------------------------------------------------------------------- Texonet Security Advisory 20030902 ----------------------------------------------------------------------- Advisory ID : TEXONET-20030902 Authors : Joel Soderberg and Christer Oberg Issue date : Tuesday, September 02, 2003...
DEBIAN-CVE-2003-0620
Multiple buffer overflows in man-db 2.4.1 and earlier, when installed setuid, allow local users to gain privileges via 1 MANDATORYMANPATH, MANPATHMAP, and MANDBMAP arguments to addtodirlist in manp.c, 2 a long pathname to ultsrc in ultsrc.c, 3 a long .so argument to testforinclude in ultsrc.c, 4 ...
CVE-2003-0631
VMware GSX Server 2.5.1 build 4968 and earlier, and Workstation 4.0 and earlier, allows local users to gain root privileges via certain enivronment variables that are used when launching a virtual machine session...
CVE-2003-0574
Unknown vulnerability in SGI IRIX 6.5.x through 6.5.20, and possibly earlier versions, allows local users to cause a core dump in scheme and possibly gain privileges via certain environment variables, a different vulnerability than CVE-2001-0797 and CVE-1999-0028...
CVE-2003-0574
CVE-2003-0574 relates to a System V /bin/login vulnerability (CVE-2001-0797) manifested as a buffer overflow via a large number of environment variables/arguments, enabling potential privilege escalation. Connected entries describe Solaris/SPARC telnet/rlogin vectors and several exploits (e.g., T...
CVE-2003-0631
CVE-2003-0631 affects VMware GSX Server 2.5.1 build 4968 and earlier, and Workstation 4.0 and earlier. The root cause is the use of certain environment variables when launching a virtual machine session, allowing a local user to gain root privileges. The provided documents do not specify a patch,...