Oracle XDB component PITRIG_DROPMETADATA buffer overflow

Added: 11/23/2007 CVE: CVE-2007-4517 BID: 26374 OSVDB: 39918 Background The PITRIGDROPMETADATA function is included in the XDB.XDBPITRIGPKG package which is included with Oracle Database. Problem A buffer overflow vulnerability in the PITRIGDROPMETADATA function allows remote, authenticated...

CVE-2002-2401

NTVDM.EXE in Windows 2000/NT/XP fails to verify user execution permissions for 16‑bit executables, allowing local users to bypass the loader and run arbitrary programs. Root cause: missing permission verification on 16‑bit file execution. Mitigation/remediation details are not provided in the con...

CVE-2002-2401

NT Virtual DOS Machine NTVDM.EXE in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs...

Verity KeyView SDK Multiple File Format Parsing Vulnerabilities

Several vulnerabilities exist in the popular Verity KeyView SDK used in many enterprise applications like IBM Lotus Notes. When parsing several different file formats a standard stack overflow occurs allowing a malicious user to gain complete control of the affected machine under the rights of th...

Symantec Mail Security for SMTP File Parsing Vulnerabilities

Symantec Mail Security for SMTP, which provides anti-spam and anti- virus protection for the IIS SMTP Service, is installed on the remote Windows host. The version of Symantec Mail Security for SMTP installed on the remote host reportedly is affected by multiple vulnerabilities caused by buffer...

CVE-2003-1426

Openwebmail in cPanel 5.0, when run using suid Perl, adds the directory in the SCRIPTFILENAME environment variable to Perl's @INC include array, which allows local users to execute arbitrary code by modifying SCRIPTFILENAME to reference a directory containing a malicious openwebmail-shared.pl...

CVE-2004-2700

Unrestricted file upload vulnerability in AspDotNetStorefront 3.3 allows remote authenticated administrators to upload arbitrary files with executable extensions via admin/images.aspx...

CheckPoint Secure Platform Multiple Buffer Overflows

Hi all, we have published a paper about CheckPoint Firewall-1 vulnerabilities. The platform tested is the Secure Platform R60. We have found many buffer overflows. Most of them are located in command line utilities that can be exploited locally. A very few of them maybe can be exploited remotely,...

CVE-2001-1583

CVE-2001-1583 affects the Solaris in.lpd (lpd) daemon shipped with Sun Solaris up to version 8.0. A crafted job request with a malformed control file, not correctly handled when lpd calls a mail program, allows remote command execution. Exploitation has been demonstrated in public advisories and ...

CVE-2007-4750

Unspecified vulnerability in RemoteDocs R-Viewer before 1.6.3768 allows user-assisted remote attackers to execute arbitrary code via a crafted RDZ archive in which the first file has an executable extension...

CVE-2007-4750

Unspecified vulnerability in RemoteDocs R-Viewer before 1.6.3768 allows user-assisted remote attackers to execute arbitrary code via a crafted RDZ archive in which the first file has an executable extension...

CVE-2007-4913

ipskernel/classupload.php in Invision Power Board IPB or IP.Board 2.3.1 up to 20070912 allows remote attackers to upload arbitrary script files with crafted image filenames to uploads/, where they are saved with a .txt extension and are not executable. NOTE: there are limited usage scenarios unde...

Olate Download 3.4.2 ~ userupload.php ~ Upload Executable Files

VISIT ORIGINAL ADVISORY FOR MORE DETAILS http://myimei.com/security/2007-09-01/olate-download-342-useruploadphp-upload-executable-files.html VISIT ORIGINAL ADVISORY FOR MORE DETAILS/ ——-Summary—— Software: Olate Download Sowtware's Web Site: http://www.olate.co.uk/ Versions: 3.4.2 Class: Remote...

CVE-2007-3912

checkrestart in debian-goodies before 0.34 allows local users to gain privileges via shell metacharacters in the name of the executable file for a running process...

CVE-2007-3912

checkrestart in debian-goodies before 0.34 allows local users to gain privileges via shell metacharacters in the name of the executable file for a running process...

Checkpoint ZoneAlarm multiple privilege escalations

Vsdatant.sys driver multiple IOCTLs buffer overflows. Weak permissions for executable files...

Baidu Soba ActiveX code execution

Unsafe function allows to download and execute executable file...

Panda Antivirus 2008 Local Privileg Escalation (UPS they did it again)

Security Advisory Severity: Medium Title: Panda Antivirus 2008 Local Privileg Escalation Date: 02.08.07 Author: tarkus tarkus at tiifp dot org URL: https://tiifp.org/tarkus Vendor: Panda http://www.pandasoftware.com/ Affected Products: Panda Antivirus 2008 Not Affected Products: - Panda...

[Full-disclosure] CAL-20070730-1 BlueSkyCat ActiveX Remote Heap Overflow vulnerability

CAL-20070730-1 BlueSkyCat ActiveX Remote Heap Overflow vulnerability BACKGROUND: =========== BlueSkychat is a professional voice and video chat software widely used by large chat websites in china. DESCRIPTION: ============ Code Audit Labs Code Audit for BlueSkyCat ActiveX Control and discovered ...

Not dead shellcode-exploit warning-the black bar safety net

HEE HEE,today the computer some of the things transferred to the mobile hard disk,find yourself previously voted over the few manuscript,crude see an article but there are a few articles or a little heat,simply submit to the evil eight,hope can be a friend in need some help...rookie write the dis...