CVE-2007-3314

Stack-based buffer overflow in peviewer.spl in Altap Servant Salamander 2.5 with Portable Executable Viewer 2.02 English Trial, and 2.0 with Portable Executable Viewer 1.00 English Trial, allows remote attackers to execute arbitrary code via a long PDB debug filename in a PE file...

CVE-2007-3314

CVE-2007-3314 describes a stack-based overflow in Altap Servant Salamander 2.5 (peviewer.spl) and related PE Viewer components that can be triggered by a crafted PE file, allowing a remote attacker to execute arbitrary code. The vulnerability is caused by processing a long PDB debug filename and ...

CentOS 3 : gdb (CESA-2007:0469)

An updated gdb package that fixes a security issue and various bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. GDB, the GNU debugger, allows debugging of programs written in C, C++, and other languages by executing them in a...

GLSA-200706-04 : MadWifi: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200706-04 MadWifi: Multiple vulnerabilities Md Sohail Ahmad from AirTight Networks has discovered a divison by zero in the athbeaconconfig function CVE-2007-2830. The vendor has corrected an input validation error in the...

Multiple Symantec antiviral products Reporting Server code execution

It's possible to spoof executable report file. Password hash is leaked during failed logon attempt...

Symantec Reporting Server < 1.0.224.0 Multiple Vulnerabilities

The remote host is running Symantec Reporting Server, a web-based tool for creating reports about Symantec enterprise antivirus products. The version of Symantec Reporting Server installed on the remote host allows a remote attacker to bypass authentication to various scripts and gain access to t...

CVE-2007-3021

Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition SAV CE 10.1 and later, does not initialize a critical variable, which allows attackers to create arbitrary executable files via...

GDB 6.6 - Process_Coff_Symbol UPX File Buffer Overflow

source: https://www.securityfocus.com/bid/24291/info GDB is prone to a buffer-overflow vulnerability because it fails to properly check bounds when handling specially crafted executable files. Attackers could leverage this issue to run arbitrary code outside of a restricted environment, which may...

GDB 6.6 - Process_Coff_Symbol UPX File Buffer Overflow

GDB 6.6 - ProcessCoffSymbol UPX File Buffer Overflow source: https://www.securityfocus.com/bid/24291/info GDB is prone to a buffer-overflow vulnerability because it fails to properly check bounds when handling specially crafted executable files. Attackers could leverage this issue to run arbitrar...

SOL6919 - Cross-site scripting vulnerability in my.activation.php3 CVE-2007-3097

A cross-site scripting XSS vulnerability exists in the FirePass my.activation.php3 logon page.The affected FirePass logon URL fails to fully sanitize certain URL arguments before the requested web page content is returned to the browser. It is possible for an attacker to create web pages, emails ...

SOL6804 - ClamAV Portable Executable heap overflow Vulnerability - CVE-2006-4182

The FirePass controller provides anti-virus scanning of files uploaded through Portal Access from the ClamAV open source software . Scanning is enabled by selecting the Enable Standalone Virus Scanner option button on the Antivirus tab of the Portal Access: Content Inspection page. A vulnerabilit...

Debian DSA-1287-1 : ldap-account-manager - multiple vulnerabilities

Two vulnerabilities have been identified in the version of ldap-account-manager shipped with Debian 3.1 sarge. - CVE-2006-7191 An untrusted PATH vulnerability could allow a local attacker to execute arbitrary code with elevated privileges by providing a malicious rm executable and specifying a PA...

real-dos.txt

!/usr/bin/python Real player 10 Gold .Ra file remote Dos. Credits to n00b for finding this bug This bug is a nasty memory leak with in Real player 10 gold please remember if your guna test it out save all your info you need first..Coz your probly guna have to reboot also remember all other...

Code injection

Direct static code injection vulnerability in admin/save.php in Stephen Craton aka WiredPHP Chatness 2.5.3 and earlier allows remote authenticated administrators to inject PHP code into .html files via the html parameter, as demonstrated by head.html and foot.html, which are included and executed...

MS Windows Animated Cursor (.ANI) Overflow Exploit (Hardware DEP)

No description provided by source. / version 0.5 Copyright c 2007 devcode ^^ D E V C O D E ^^ Windows .ANI LoadAniIcon Stack Overflow For Hardware DEP XP SP2 CVE-2007-1765 Description: A vulnerability has been identified in Microsoft Windows, which could be exploited by remote attackers to take...

CVE-2007-1658

Windows Mail in Microsoft Windows Vista might allow user-assisted remote attackers to execute certain programs via a link to a 1 local file or 2 UNC share pathname in which there is a directory with the same base name as an executable program at the same level, as demonstrated using...

Code injection

Windows Mail in Microsoft Windows Vista might allow user-assisted remote attackers to execute certain programs via a link to a 1 local file or 2 UNC share pathname in which there is a directory with the same base name as an executable program at the same level, as demonstrated using...

EUVD-2007-1546

Unrestricted file upload vulnerability in usercp.php in MetaForum 0.513 Beta restricts file types based on the MIME type in the Content-type HTTP header, which allows remote attackers to upload and execute arbitrary scripts via an image MIME type with a filename containing an executable extension...

CVE-2006-7134

Unrestricted file upload vulnerability in mainuser.php in Upload Tool for PHP 1.0 allows remote attackers to upload and execute arbitrary files with executable extensions such as .php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party informatio...

Kaspersky Antivirus DoS

Infinite loop on unpacking UPX-packed executable file...