1285 matches found
LHA extract_one Buffer Overflow Vulnerability
Overview: LHA lhext.c contains a buffer overflow vulnerability in the extract_one function, which stems from improper handling of a 'w' option argument. Impact: A remote attacker could execute arbitrary code. Solution: Please refer to the 'Vendor Information' section for official remediation and...
uebimiau-disclose.txt
Uebimiau Web-Mail Remote File Reader ... ITDefence.ru Antichat.ru Uebimiau Web-Mail Remote File Reader Eugene Minaev [email protected] 2007 ...
Uebimiau Web-Mail 2.7.102.7.2 - Remote File Disclosure
Uebimiau Web-Mail 2.7.102.7.2 - Remote File Disclosure: Uebimiau Web-Mail Remote File Reader ... ITDefence.ru Antichat.ru Uebimiau Web-Mail Remote File Reader Eugene Minaev [email protected] ...
MODx CMS 0.9.6.1 Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications. MODx CMS 0.9.6.1 Multiple Remote Vulnerabilities. AmnPardaz Security Research Team Title: MODx CMS Vulnerabilities Vendor: http://modxcms.com...
Engraved disc break employees Computer password restrictions-vulnerability warning-the black bar safety net
In enterprises, it often happens that after an employee leaves, their computer cannot be used because its password is not known, which also increases the burden on administrators. In order to copy out important data, many of my friends had to reinstall the system, or even remove th...
AZL-6828 CVE-2007-4559 affecting package python3 for versions less than 3.9.19-1
Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267...
AZL-6822 CVE-2007-4559 affecting package python2 for versions less than 2.7.18-8
Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267...
PSF-2007-2 Directory path traversal in extract() and extractall() tarfile functions via '..' (dot dot) sequences
Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267...
Baidu net horse tools-vulnerability warning-the black bar safety net
The CAB file packaging tool to use for the Baidu net horse is CABARC. Usage: CABARC options command cabfile @list files destdir Commands: L List contents of cabinet e.g. cabarc l test.cab N Create new cabinet e.g. cabarc n test.cab *.c app.mak *.h X Extract files from cabinet e.g. cabarc x test...
CVE-2007-3124
Buffer overflow in backup/src/vmsbackup.c (aka the backup utility) in FreeVMS before 0.3.6 might allow local users to gain privileges via a long string in response to an "extract [ny]" prompt...
DEBIAN-CVE-2007-1997
Integer signedness error in the (1) cab_unstore and (2) cab_extract functions in libclamav/cab.c in Clam AntiVirus (ClamAV) before 0.90.2 allow remote attackers to execute arbitrary code via a crafted CHM file that contains a negative integer, which passes a signed comparison and leads to a stack-based...
[Full-disclosure] PHP import_request_variables() vs extract()
Please note that extract will also override any variable excluded $GLOBALS but the main difference is that on http://it2.php.net/extract you are advised not to use "extract against untrusted data, like user-input $_GET, ...." quote if you want to run old code that relies on register_globals...
CVE-2007-0975
CVE-2007-0975 affects Ian Bezanson Apache Stats prior to 0.0.3 beta. The vulnerability is a variable extraction issue: the extract function on the _REQUEST superglobal can overwrite critical variables. The impact is stated as unknown in the source material. CVSS 2.0 base score is 5.0 (Medium). No...
Design/Logic Flaw
Variable extract vulnerability in Apache Stats before 0.0.3beta allows attackers to modify arbitrary variables and conduct attacks via unknown vectors involving the use of PHP's extract function...
CVE-2007-0930
CVE-2007-0930 describes a vulnerability in Apache Stats prior to 0.0.3beta where PHP’s extract usage enables attackers to modify arbitrary variables. The underlying issue is a variable extraction flaw that could enable attacks via unspecified vectors. The affected software is Apache Stats (PHP-ba...
CVE-2007-0930
Variable extract vulnerability in Apache Stats before 0.0.3beta allows attackers to modify arbitrary variables and conduct attacks via unknown vectors involving the use of PHP's extract function...
CVE-2007-0649
Variable overwrite vulnerability in interface/globals.php in OpenEMR 2.8.2 and earlier allows remote attackers to overwrite arbitrary program variables and conduct other unauthorized activities, such as conducting a remote file inclusion attack via the srcdir parameter in custom/importxml.php or b...
Buffer overflow
Variable overwrite vulnerability in common/config.php in Aztek Forum 4.00 allows remote attackers to overwrite arbitrary program variables and conduct other unauthorized activities, such as copying arbitrary files using index/commonactions.php, via vectors associated with extract operations on th...
CVE-2007-0599
Variable overwrite vulnerability in common/config.php in Aztek Forum 4.00 allows remote attackers to overwrite arbitrary program variables and conduct other unauthorized activities, such as copying arbitrary files using index/commonactions.php, via vectors associated with extract operations on th...