1285 matches found

Japan Vulnerability Notes
added 2008/05/20 3:00 p.m. | 1 view

LHA extract_one Buffer Overflow Vulnerability

Overview: LHA lhext.c contains a buffer overflow vulnerability in the extract_one function, which stems from improper handling of a 'w' option argument. Impact: A remote attacker could execute arbitrary code. Solution: Please refer to the 'Vendor Information' section for official remediation and...

CVSS 10 | AI score 7.5 | EPSS 0.18827
Exploits: 0 | References: 10

Packet Storm
added 2008/01/07 12:00 a.m. | 26 views

uebimiau-disclose.txt

Uebimiau Web-Mail Remote File Reader ... ITDefence.ru Antichat.ru Uebimiau Web-Mail Remote File Reader Eugene Minaev [email protected] ...

AI score 7.4
Exploits: 0

exploitpack
added 2008/01/06 12:00 a.m. | 30 views

Uebimiau Web-Mail 2.7.102.7.2 - Remote File Disclosure

Uebimiau Web-Mail 2.7.102.7.2 - Remote File Disclosure. Uebimiau Web-Mail Remote File Reader ... ITDefence.ru Antichat.ru Uebimiau Web-Mail Remote File Reader Eugene Minaev [email protected] ...

AI score 7.5
Exploits: 0

0day.today
added 2008/01/05 12:00 a.m. | 31 views

MODx CMS 0.9.6.1 Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications. MODx CMS 0.9.6.1 Multiple Remote Vulnerabilities. AmnPardaz Security Research Team. Title: MODx CMS Vulnerabilities. Vendor: http://modxcms.com...

AI score 7.1
Exploits: 0

myhack58
added 2007/09/28 12:00 a.m. | 18 views

Engraved disc break employees Computer password restrictions-vulnerability warning-the black bar safety net

In enterprises it often happens that a computer cannot be used because an employee left without handing over its password, which also increases the burden on administrators. In order to copy important data out, many of my friends had to reinstall the system, or even remove th...

AI score 0.4
Exploits: 0

OSV
added 2007/08/28 1:17 a.m. | 7 views

AZL-6828 CVE-2007-4559 affecting package python3 for versions less than 3.9.19-1

Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267...

CVSS 9.8 | AI score 6.9 | EPSS 0.27095
Exploits: 3 | References: 1

OSV
added 2007/08/28 1:17 a.m. | 9 views

AZL-6822 CVE-2007-4559 affecting package python2 for versions less than 2.7.18-8

Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267...

CVSS 9.8 | AI score 6.9 | EPSS 0.27095
Exploits: 3 | References: 1

OSV
added 2007/08/28 12:00 a.m. | 19 views

PSF-2007-2 Directory path traversal in extract() and extractall() tarfile functions via '..' (dot dot) sequences

Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267...

CVSS 9.8 | AI score 9.4 | EPSS 0.27095
Exploits: 3 | References: 3

myhack58
added 2007/08/04 12:00 a.m. | 27 views

Baidu net horse tools-vulnerability warning-the black bar safety net

Baidu net horse when you want to use the CAB file package is CABARC Usage: CABARC options command cabfile @list files destdir Commands: L List contents of cabinet e.g. cabarc l test. cab N Create new cabinet e.g. cabarc n test. cab . c app. mak . h X Extract files from cabinet e.g. cabarc x test...

AI score 0.3
Exploits: 0

NVD
added 2007/06/07 10:30 p.m. | 13 views

CVE-2007-3124

Buffer overflow in backup/src/vmsbackup.c (aka the backup utility) in FreeVMS before 0.3.6 might allow local users to gain privileges via a long string in response to an "extract ny" prompt...

CVSS 4.6 | AI score 6.8 | EPSS 0.00333
Exploits: 0 | References: 4

Cvelist
added 2007/06/07 10:00 p.m. | 21 views

CVE-2007-3124

Buffer overflow in backup/src/vmsbackup.c (aka the backup utility) in FreeVMS before 0.3.6 might allow local users to gain privileges via a long string in response to an "extract ny" prompt...

AI score 6.8 | EPSS 0.00333
Exploits: 0 | References: 4

OSV
added 2007/04/16 9:19 p.m. | 1 view

DEBIAN-CVE-2007-1997

Integer signedness error in the (1) cab_unstore and (2) cab_extract functions in libclamav/cab.c in Clam AntiVirus (ClamAV) before 0.90.2 allow remote attackers to execute arbitrary code via a crafted CHM file that contains a negative integer, which passes a signed comparison and leads to a stack-based...

CVSS 7.5 | AI score 9.5 | EPSS 0.05412
Exploits: 0 | References: 1

securityvulns
added 2007/03/09 12:00 a.m. | 40 views

[Full-disclosure] PHP import_request_variables() vs extract()

Please note that also extract will override any variable excluded $GLOBALS but the main difference is that on http://it2.php.net/extract you are advised to do not use "extract against untrusted data, like user-input $_GET, ...." quote if you want to run old code that relies on register_globals...

AI score 0.8
Exploits: 0

CVE
added 2007/02/16 1:00 a.m. | 53 views

CVE-2007-0975

CVE-2007-0975 affects Ian Bezanson Apache Stats prior to 0.0.3 beta. The vulnerability is a variable extraction issue: the extract function on the _REQUEST superglobal can overwrite critical variables. The impact is stated as unknown in the source material. CVSS 2.0 base score is 5.0 (Medium). No...

CVSS 5 | AI score 6.5 | EPSS 0.01165
Exploits: 0 | References: 3 | Affected Software: 1

Prion
added 2007/02/14 11:28 a.m. | 16 views

Design/Logic Flaw

Variable extract vulnerability in Apache Stats before 0.0.3beta allows attackers to modify arbitrary variables and conduct attacks via unknown vectors involving the use of PHP's extract function...

CVSS 7.5 | AI score 7 | EPSS 0.01126
Exploits: 0 | References: 3 | Affected Software: 1

CVE
added 2007/02/14 11:00 a.m. | 51 views

CVE-2007-0930

CVE-2007-0930 describes a vulnerability in Apache Stats prior to 0.0.3beta where PHP’s extract usage enables attackers to modify arbitrary variables. The underlying issue is a variable extraction flaw that could enable attacks via unspecified vectors. The affected software is Apache Stats (PHP-ba...

CVSS 7.5 | AI score 6.5 | EPSS 0.01126
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2007/02/14 11:00 a.m. | 24 views

CVE-2007-0930

Variable extract vulnerability in Apache Stats before 0.0.3beta allows attackers to modify arbitrary variables and conduct attacks via unknown vectors involving the use of PHP's extract function...

AI score 6.5 | EPSS 0.01126
Exploits: 0 | References: 3

NVD
added 2007/02/01 1:28 a.m. | 16 views

CVE-2007-0649

Variable overwrite vulnerability in interface/globals.php in OpenEMR 2.8.2 and earlier allows remote attackers to overwrite arbitrary program variables and conduct other unauthorized activities, such as conducting remote file inclusion attacks via the srcdir parameter in custom/importxml.php or b...

CVSS 4.3 | AI score 5.8 | EPSS 0.06172
Exploits: 0 | References: 13

Prion
added 2007/01/30 6:28 p.m. | 14 views

Buffer overflow

Variable overwrite vulnerability in common/config.php in Aztek Forum 4.00 allows remote attackers to overwrite arbitrary program variables and conduct other unauthorized activities, such as copying arbitrary files using index/commonactions.php, via vectors associated with extract operations on th...

CVSS 7.5 | AI score 7.2 | EPSS 0.01501
Exploits: 1 | References: 4 | Affected Software: 1

NVD
added 2007/01/30 6:28 p.m. | 16 views

CVE-2007-0599

Variable overwrite vulnerability in common/config.php in Aztek Forum 4.00 allows remote attackers to overwrite arbitrary program variables and conduct other unauthorized activities, such as copying arbitrary files using index/commonactions.php, via vectors associated with extract operations on th...

CVSS 7.5 | AI score 6.7 | EPSS 0.01501
Exploits: 1 | References: 4