620 matches found
Not dead shellcode-exploit warning-the black bar safety net
HEE HEE,today the computer some of the things transferred to the mobile hard disk,find yourself previously voted over the few manuscript,crude see an article but there are a few articles or a little heat,simply submit to the evil eight,hope can be a friend in need some help...rookie write the dis...
CVE-2007-3021
Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition SAV CE 10.1 and later, does not initialize a critical variable, which allows attackers to create arbitrary executable files via...
GDB 6.6 - Process_Coff_Symbol UPX File Buffer Overflow
GDB 6.6 - ProcessCoffSymbol UPX File Buffer Overflow source: https://www.securityfocus.com/bid/24291/info GDB is prone to a buffer-overflow vulnerability because it fails to properly check bounds when handling specially crafted executable files. Attackers could leverage this issue to run arbitrar...
GDB 6.6 - Process_Coff_Symbol UPX File Buffer Overflow
source: https://www.securityfocus.com/bid/24291/info GDB is prone to a buffer-overflow vulnerability because it fails to properly check bounds when handling specially crafted executable files. Attackers could leverage this issue to run arbitrary code outside of a restricted environment, which may...
Code injection
Direct static code injection vulnerability in admin/save.php in Stephen Craton aka WiredPHP Chatness 2.5.3 and earlier allows remote authenticated administrators to inject PHP code into .html files via the html parameter, as demonstrated by head.html and foot.html, which are included and executed...
Hewlett-Packard Network Node Manager 7.50 Remote Console weak files permissions
Vendor: Hewlett-Packard Application: Network Node Manager 7.50 Remote Console under Microsoft Windows XP SP2. Vulnerability: Local Vulnerability Level: High Author: 3APA3A , Impact: privilege escalation of any unprivileged user to Local System or another user's account. Intro: NNM Remote Console ...
FreeBSD : dokuwiki -- multiple vulnerabilities (fcba5764-506a-11db-a5ae-00508d6a62df)
Secunia reports : rgod has discovered a vulnerability in DokuWiki, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the 'TARGETFN' parameter in bin/dwpage.php is not properly sanitised before being used to copy files. This can be exploited via director...
CVE-2006-4675
Unrestricted file upload vulnerability in lib/exe/media.php in DokuWiki before 2006-03-09c allows remote attackers to upload executable files into the data/media folder via unspecified vectors...
CVE-2006-4675
Unrestricted file upload vulnerability in lib/exe/media.php in DokuWiki before 2006-03-09c allows remote attackers to upload executable files into the data/media folder via unspecified vectors...
DEBIAN-CVE-2006-4675
Unrestricted file upload vulnerability in lib/exe/media.php in DokuWiki before 2006-03-09c allows remote attackers to upload executable files into the data/media folder via unspecified vectors...
CVE-2006-4675
The CVE-2006-4675 entry corresponds to an Unrestricted file upload vulnerability in DokuWiki (lib/exe/media.php) prior to 2006-03-09c, allowing remote attackers to upload executable files into the data/media folder via unspecified vectors. Several connected sources (NVD, OSV, Gentoo GLSA, FreeBSD...
CVE-2006-4675
Unrestricted file upload vulnerability in lib/exe/media.php in DokuWiki before 2006-03-09c allows remote attackers to upload executable files into the data/media folder via unspecified vectors...
CVE-2006-4617
Unrestricted file upload vulnerability in fileupload.html in vtiger CRM 4.2.4, and possibly earlier versions, allows remote attackers to upload and execute arbitrary files with executable extensions in the /cashe/mails folder...
twiki -- multiple file extensions file upload vulnerability
A TWiki Security Alert reports: The TWiki upload filter already prevents executable scripts such as .php, .php1, .phps, .pl from potentially getting executed by appending a .txt suffix to the uploaded filename. However, PHP and some other types allows additional file suffixes, such as .php.en,...
IIS Unicode Directory Traversal
Added: 07/03/2006 CVE: CVE-2000-0884 BID: 1806 OSVDB: 436 Background Microsoft IIS is a web server for Windows platforms. Problem Microsoft IIS 4.0 and 5.0 allow path validation checks to be bypassed by encoding invalid characters in Unicode. For example, a slash character is represented as %c0%a...
Multiple Firebird vulnerabilities
Few executable files are installed suid firebird, one of them has buffer overflow...
clamav -- possible heap overflow in the UPX code
The Zero Day Initiative reports: This vulnerability allows remote attackers to execute arbitrary code on vulnerable Clam AntiVirus installations. Authentication is not required to exploit this vulnerability. This specific flaw exists within libclamav/upx.c during the unpacking of executable files...
CVE-2005-3288
Mailsite Express is affected by CVE-2005-3288. Remote attackers can upload and execute files with executable extensions (e.g., ASP) by attaching the file via the compose page and then accessing it from the cache directory before saving or sending the message. The vulnerability is documented acros...
CVE-2005-3291
Removed by vendor...
Adobe Version Cue multiple vulnerabilities
Executable files are writable. It's possible to attach user's library to suid executable. Symbolic links problem...