CVE-2006-1594

Multiple directory traversal vulnerabilities in document/rqmkhtml.php in Claroline 1.7.4 and earlier allow remote attackers to use ".." dot dot sequences to 1 read arbitrary files via the file parameter in a rqEditHtml command to document/rqmkhtml.php or 2 execute arbitrary code via the includePa...

Update Protection against Tftpd32 Request Error Message Format String Vulnerability

Tftpd32 is a freeware TFTP server designed for Microsoft Windows operating systems. A vulnerability has been identified in Tftpd32, specifically in the processing of Get requests containing a malformed filename. An attacker capable of sending a specially crafted filename can cause a vulnerable...

Mantis File Inclusion and SQL Injection Flaws

The remote web server contains a PHP application that is affected by multiple flaws. Description : The remote version of Mantis suffers from a remote file inclusion vulnerability. Provided PHP's 'registerglobals' setting is enabled, An attacker may be able to leverage this issue to read arbitrary...

CVE-2006-1182

Adobe Graphics Server 2.0 and 2.1 formerly AlterCast and Adobe Document Server ADS 5.0 and 6.0 allows local users to read files with certain extensions or overwrite arbitrary files and execute code via a crafted SOAP request to the AlterCast web service in which the request uses the 1 saveContent...

CVE-2006-1182

Adobe Graphics Server 2.x and Adobe Document Server (ADS) 5.x/6.x are affected by CVE-2006-1182. A crafted SOAP request to the AlterCast web service can invoke saveContent, saveOptimized ADS, or loadContent commands to read files with certain extensions, overwrite arbitrary files, or execute code...

linux/x86 HTTP/1.x GET, Downloads and JMP - 68 bytes+

linux/x86 HTTP/1.x GET, Downloads and JMP - 68 bytes+. Shellcode exploit for linx86 platform / linux/x86 HTTP/1.x GET, Downloads and JMP - 68 bytes+ This shellcode allows you to download a binary code straight off a standard HTTP server and execute it. The downloaded shellcode e.g. binary code wi...

LISTSERV contains multiple buffer overflow vulnerabilities in the WA CGI script

Overview Several buffer overflow vulnerabilities have been discovered in LISTSERV. These vulnerabilities could allow a remote attacker to execute arbitrary code on an affected system. Description L-Soft's LISTSERV is an email list management software package. It includes a Web Archive and...

CVE-2006-1010

Buffer overflow in socket/request.c in CrossFire before 1.9.0, when oldsocketmode is enabled, allows remote attackers to cause a denial of service segmentation fault and possibly execute code by sending the server a large request...

BlackBerry Enterprise Server Attachment Handling Buffer Overflows

The version of BlackBerry Enterprise Server on the remote host reportedly contains flaws in its handling of Word and TIFF document attachments that may result in buffer overflows when a user opens a malformed file on a BlackBerry device. A remote attacker may be able to exploit this issue to...

Path traversal

Absolute path traversal vulnerability in convert.cgi in Quirex 2.0.2 and earlier allows remote attackers to read arbitrary files, and possibly execute arbitrary code, via the 1 quizhead, 2 quizfoot, and 3 template variables...

CVE-2006-0795

CVE-2006-0795 affects Quirex convert.cgi (versions 2.0.2 and earlier). The vulnerability is an absolute path traversal via the quiz_head, quiz_foot, and template variables, allowing remote attackers to read arbitrary files and, per sources, possibly execute code. Exploit is reported as available,...

CVE-2006-0782

Unspecified vulnerability in weblog.pl in PerlBlog 1.09b and earlier allows remote attackers to create arbitrary files and possibly execute arbitrary code via unspecified attack vectors related to improper handling of 1 the reply parameter, possibly involving injection of 2 the name parameter and...

CVE-2006-0597

Multiple stack-based buffer overflows in elogd.c in elog before 2.5.7 r1558-4 allow attackers to cause a denial of service application crash and possibly execute code via long "revision attributes"...

CVE-2006-0597

Removed by vendor...

Tftpd32 Error Message Format String

The remote host appears to be running Tftpd32, a tftpd server for Windows. There is a format string vulnerability in versions of Tftpd32 up to and including 2.81 that may allow remote attackers to crash the server or to execute code on the affected host subject to the privileges under which the...

Integer overflow

An unspecified Microsoft WMF parsing application, as used in Internet Explorer 5.01 SP4 on Windows 2000 SP4, and 5.5 SP2 on Windows Millennium, and possibly other versions, allows attackers to cause a denial of service crash and possibly execute code via a crafted WMF file with a manipulated WMF...

CVE-2005-3240

Race condition in Microsoft Internet Explorer allows user-assisted attackers to overwrite arbitrary files and possibly execute code by tricking a user into performing a drag-and-drop action from certain objects, such as file objects within a folder view, then predicting the drag action, and...

HTTP Version Number Overflow DoS Vulnerability

It was possible to kill the web server by sending an invalid GET request with a too long HTTP version field. SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

OpenVMPS Logging Function Format String

The remote host appears to be running OpenVMPS, an open source VLAN Management Policy Server VMPS. There is a format string vulnerability in versions of OpenVMPS up to and including 1.3 that may allow remote attackers to crash the server or execute code on the affected host subject to the...

CVE-2005-3254

The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian...