Microsoft Windows Media Player 7.0 - .wmz Arbitrary Java Applet

Microsoft Windows Media Player 7.0 - .wmz Arbitrary Java Applet source: https://www.securityfocus.com/bid/2203/info A vulnerability has been reported in Microsoft Windows Media Player 7 which is exploitable through Internet Explorer and Java. Skins are downloadable files which change the appearan...

CVE-2000-1096

crontab by Paul Vixie uses predictable file names for a temporary file and does not properly ensure that the file is owned by the user executing the crontab -e command, which allows local users with write access to the crontab spool directory to execute arbitrary commands by creating...

Microsoft Media Player .ASX parser buffer overflow (win98, others?)

It bugs as hell. A valid ASX file to be opened in Microsoft Media Player 6.4x: ASX version = "3.0" Entry Ref href="anasf.asf" /Entry /ASX Make any keyword longer than 21000 characters and you've got it. Not too easy to exploit though.. prove your skills ; Get Your Private, Free E-mail from MSN...

Minicom 1.821.83 - Capture-file Group Ownership

Minicom 1.821.83 - Capture-file Group Ownership source: https://www.securityfocus.com/bid/1599/info Minicom is a unix terminal program often used for communication between computers with modems. It is often installed setgid uucp, as this access is required for regular users to use certain devices...

CVE-2000-0195

setxconf in Corel Linux allows local users to gain root access via the -T parameter, which executes the user's .xserverrc file...

CVE-2000-0602

Secure Locate slocate in Red Hat Linux allows local users to gain privileges via a malformed configuration file that is specified in the LOCATEPATH environmental variable...

Overflow in Outlook Express 4.* - too long filenames with graphic format extension

==== APPLICATION AFFECTED Outlook Express 4. 5. is not affected ==== DESCRIPTION All attached graphic files are automatically shown in the Outlook Express while viewing the e-mail. The problem is that long filenames with .jpg .bmp extension makes overflow if filename lenght is longer then 256...

The ht://Dig Group ht://Dig 3.1.1/3.1.2/3.1.3/3.1.4/3.2 .0b1 - Arbitrary File Inclusion

source: https://www.securityfocus.com/bid/1026/info ht://dig is a web content search engine for Unix platforms. The software is set up to allow for file inclusion from configuration files. Any string surrounded by the opening singlw quote character is taken as a path to a file for inclusion, for...

CVE-2000-0049

Buffer overflow in Winamp client allows remote attackers to execute commands via a long entry in a .pls file...

IBM Websphere 2.0/3.0 - ikeyman Weak Encrypted Password

source: https://www.securityfocus.com/bid/1763/info IBM WebSphere ships with a tool called 'ikeyman' that encrypts server certificates/key pairs when the IBM HTTP Server and SSL connections are enabled. Ikeyman stores the password in a stash file which can be easily decrypted through the use of a...