Snitz Forums 2000 3.4.6 Pop_Mail.ASP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/20712/info Snitz Forums 2000 is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...

CamShot WebCam 2.6 Trial - Remote Buffer Overflow

No description provided by source. source: http://www.securityfocus.com/bid/1685/info CamShot is a Windows 95/98/2000/NT web server that serves up web pages containing time stamped images captured from a video camera. The images can be viewed from anywhere on the network with a web browser. CamSh...

Microsoft Windows XP/2000/NT 4 Shell Long Share Name Buffer Overrun Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10213/info Microsoft Windows operating systems have been reported to be prone to a remotely exploitable buffer overrun condition. This issue is exposed when a client attempts to connect to an SMB share with an overly long...

OReilly Software WebSite Professional 2.3.18/2.4/2.4.9 'webfind.exe' Buffer Overflow

No description provided by source. source: http://www.securityfocus.com/bid/1487/info O'Reilly WebSite Professional is a web server package distributed by O'Reilly & Associates. Certain versions of this web server the entire 2.X version line ship with a utility containing a remotely exploitable...

MVDSV 0.165 b/0.171 Quake Server Download Buffer Overrun Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9218/info The mvdsv Quake Server implementation is prone to a remotely exploitable buffer overrun vulnerability. This could permit execution of arbitrary code in the context of the server...

Mini-stream Ripper 3.1.2.1 - Buffer Overflow (DEP Bypass)

No description provided by source. / DISCLAIMER THIS PROGRAM IS NOT INTENDED TO BE USED ON OTHER COMPUTERS AND IT IS DESTINED FOR PERSONAL RESEARCH ONLY!!!! The programs are provided as is without any guarantees or warranty. The author is not responsible for any damage or losses of any kind cause...

Man Command -H Flag Local Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23355/info The 'man' command is prone to a local buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before using it in a memory copy operation. NOTE: Presumably, this issue is...

PinApp Mail-SeCure 3.70 - Access Control Failure

No description provided by source. Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ PinApp Mail-SeCure Access Control Failure 1. Advisory Information Title: PinApp Mail-SeCure Access Control Failure Advisory ID: CORE-2013-0904 Advisory URL:...

Sun Calendar Express Web Server - (DoS/XSS) Multiple Remote Vulns

No description provided by source. Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Multiple vulnerabilities in Sun Calendar Express Web Server 1. Advisory Information Title: Multiple vulnerabilities in Sun Calendar Express Web Server Advisory ID: CORE-2009-010...

Preisschlacht Multi Liveshop System SQL Injection (seite&aid) index.php

No description provided by source. ----------------------------Information------------------------------------------------ +Name : Preisschlacht Multi Liveshop System SQL Injection seite&aid index.php +Autor : Easy Laster +Date : 17.03.2010 +Script : Preisschlacht Multi Liveshop System +Download ...

WikiWebHelp 0.28 - SQL Injection Vulnerability

No description provided by source. Version: v0.28 Possible all versions Vendor: Richard Bondi - http://wikiwebhelp.org Download: http://wikiwebhelp.org/release/wwh-0.2.8.zip Description: The goal of this project is to create a help application that is editable by the community. Standard wiki...

MS Windows 2000/NT 4/XP Window Message Subsystem Design Error Vulnerability (4)

No description provided by source. source: http://www.securityfocus.com/bid/5408/info A serious design error in the Win32 API has been reported. The issue is related to the inter-window message passing system. This vulnerability is wide-ranging and likely affects almost every Win32 window-based...

EdrawSoft Office Viewer Component ActiveX 5.6 (officeviewermme.ocx) BoF PoC

No description provided by source. EdrawSoft Office Viewer Component ActiveX 5.6 officeviewermme.ocx BoF PoC Vendor: EdrawSoft Product web page: http://www.edrawsoft.com Affected version: 5.6.5781 Summary: Edraw Office Viewer Component contains a standard ActiveX control that acts as an ActiveX...

Microsoft Windows XP/2000/2003 Graphical Device Interface Plus Library Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19221/info Reportedly, the Microsoft Windows GDI+ library 'gdiplus.dll' is prone to a denial-of-service vulnerability because the software fails to handle malformed image files properly. An attacker may leverage this issu...

HP OpenView OmniBack II A.03.50 - Command Executino

No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require...

MW6 Technologies DataMatrix ActiveX (Data param) - Buffer Overflow

No description provided by source. !-- =========================================================================== Problem: The Data parameter is subject to a buffer overflow PROBABLY leading to arbitrary code execution. COM Object - DE7DA0B5-7D7B-4CEA-8739-65CF600D511E MW6DataMatrix Class File...

Easy Software Products LPPassWd 1.1.22 Resource Limit Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12005/info Easy Software Products lppasswd is prone to a locally exploitable denial of service vulnerability. This issue occurs when the program attempts to write a file to the system that will exceed any file size resour...

net2ftp <= 0.97 Cross-Site Scripting/Request Forgery Vulnerabilities

No description provided by source. =cicatriz [email protected]==advisories= / / / / // / / // / o / / .-/ =net2ftp = 0.97 Cross-Site Scripting/Request Forgery==/= == =Advisory & Vulnerability Information=== Title: net2ftp = 0.97 Cross-Site Scripting/Request Forgery Advisory ID:...

Solaris 10 (sparc) : 151355-01 (deprecated)

Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite subcomponent: CPU performance counters CPC drivers. Supported versions that are affected are 10 and 11.1. Easily exploitable vulnerability requiring logon to Operating System. Successful attack of this vulnerability c...

SSL Pulse Scans Quantify Vulnerable OpenSSL Servers

Certain mitigating factors made the recent OpenSSL man-in-the-middle vulnerability a notch or two below Heartbleed in terms of criticality. With that in consideration, it’s probably no surprise that patching levels for CVE-2014-0224 aren’t as high out of the gate as they were for Heartbleed. Ivan...