996 matches found

Japan Vulnerability Notes
added 2008/05/20 3:0 p.m. | 1 views

Multiple email clients vulnerable to directory traversal due to inappropriate unicode handling

Overview: Some email clients contain a vulnerability when handling an attached file whose file name uses Unicode. This may result in a directory traversal attack or in a file name being displayed differently from the actual file name. Impact: Actual impact could differ depending on the email clients thoug...

CVSS 5 | AI score 7
Exploits: 0 | References: 4
CERT
added 2008/04/18 12:0 a.m. | 35 views

Apple Safari fails to properly handle a file name

Overview: A vulnerability in the way Apple Safari handles a specially crafted file name may allow execution of arbitrary code or denial of service. Description: According to Apple Safari 3.1.1: A memory corruption issue exists in Safari's file downloading. By enticing a user to download a file with a malicious...

CVSS 6.8 | AI score 7.5 | EPSS 0.0207
Exploits: 1 | References: 1
securityvulns
added 2008/03/22 12:0 a.m. | 48 views

Safari 3.1 for windows download bug

This is another flaw I found in the Safari browser for Windows. The fault occurs when trying to download a file with a very long name, which causes the program to break and throw the following exception: Access violation when reading 11b5c539. If the file is filled with more letters to cause an excepti...

AI score 6.9
Exploits: 0
seebug.org
added 2008/03/18 12:0 a.m. | 15 views

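XnView Overly Long File Name Buffer Overflow Vulnerability

BUGTRAQ ID: 28259. XnView is an image viewer that supports many graphics formats. XnView has a buffer overflow vulnerability when handling overly long file names: a buffer overflow occurs when XnView loads an overly long file name passed as a command-line argument, leading to execution of arbitrary instructions. XnView 1.92.1. XnView: The vendor has released an upgrade patch to fix this security issue; please download it from the vendor's home page: http://www.xnview.com/ http://www.click-internet.fr/index.php?cki=News&news=9...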

AI score 6.9
Exploits: 0
OSV
added 2008/01/25 1:0 a.m. | 1 views

DEBIAN-CVE-2008-0455

Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary web script or HTML by...

CVSS 4.3 | AI score 5.7 | EPSS 0.52581
Exploits: 1 | References: 1
OSV
added 2008/01/25 1:0 a.m. | 1 views

DEBIAN-CVE-2008-0456

CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP respons...

CVSS 2.6 | AI score 7.2 | EPSS 0.1249
Exploits: 1 | References: 1
OpenVAS
added 2008/01/17 12:0 a.m. | 23 views

Debian Security Advisory DSA 154-1 (fam)

The remote host is missing an update to fam announced via advisory DSA 154-1. OpenVAS Vulnerability Test $Id: deb1541.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 154-1. Authors: Thomas Reinke. Copyright: Copyright (c) 2007 E-Soft Inc...

CVSS 2.1 | AI score 0.4 | EPSS 0.01068
Exploits: 0
OpenVAS
added 2008/01/17 12:0 a.m. | 20 views

Debian: Security Advisory (DSA-1064-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.9 | AI score 6.6 | EPSS 0.01939
Exploits: 1 | References: 3
Cvelist
added 2008/01/10 1:0 a.m. | 12 views

CVE-2003-1539

Cross-site scripting (XSS) vulnerability in ONEdotOH Simple File Manager (SFM) before 0.21 allows remote attackers to inject arbitrary web script or HTML via (1) file names and (2) directory names...

AI score 5.7 | EPSS 0.00285
Exploits: 1 | References: 4
Tenable Nessus
added 2008/01/10 12:0 a.m. | 19 views

GLSA-200801-01 : unp: Arbitrary command execution

The remote host is affected by the vulnerability described in GLSA-200801-01 (unp: Arbitrary command execution). Erich Schubert from Debian discovered that unp does not escape file names properly before passing them to calls of the shell. Impact: A remote attacker could entice a user or automated...

CVSS 10 | AI score 5.9 | EPSS 0.00928
Exploits: 1 | References: 2
Tenable Nessus
added 2008/01/04 12:0 a.m. | 8 views

Fedora 8 : libcdio-0.78.2-4.fc8 (2008-0136)

Wed Jan 2 2008 Adrian Reber - 0.78.2-4 - fixes 427197: Long Joliet file name overflows cdio's buffer. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...

AI score 5.4
Exploits: 0 | References: 3
Debian CVE
added 2008/01/03 8:0 p.m. | 17 views

CVE-2007-6610

unp 1.0.12, and other versions before 1.0.14, does not properly escape file names, which might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename argument. NOTE: this might only be a vulnerability when unp is invoked by a third party product...

CVSS 10 | AI score 6.1 | EPSS 0.00928
Exploits: 1
Tenable Nessus
added 2007/12/19 12:0 a.m. | 34 views

GLSA-200712-14 : CUPS: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200712-14 (CUPS: Multiple vulnerabilities). Wei Wang (McAfee AVERT Research) discovered an integer underflow in the asn1_get_string() function of the SNMP backend, leading to a stack-based buffer overflow when handling SNMP responses...

CVSS 9.3 | AI score 8.5 | EPSS 0.3458
Exploits: 3 | References: 5
myhack58
added 2007/11/17 12:0 a.m. | 24 views

Quickly remove illegal file name code-vulnerability warning-the black bar safety net

allyesno: We will encounter many so-called illegal file names, for example .., con, nul, etc. FlowerCode gives the following method that can quickly delete these file names: http://hi.baidu.com/flowercode/blog/item/3f68be02a7cfd10d4bfb519f.html References: Two lines of code get deleted quickly using illega...

AI score 0.6
Exploits: 0
Tenable Nessus
added 2007/11/02 12:0 a.m. | 15 views

GLSA-200711-01 : gFTP: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200711-01 (gFTP: Multiple vulnerabilities). Kalle Olavi Niemitalo discovered two boundary errors in fsplib code included in gFTP when processing overly long directory or file names. Impact: A remote attacker could trigger these...

CVSS 7.5 | AI score 6 | EPSS 0.09252
Exploits: 0 | References: 3
Cvelist
added 2007/10/31 4:0 p.m. | 19 views

CVE-2002-2383

SQL injection vulnerability in f2html.pl 0.1 through 0.4 allows remote attackers to execute arbitrary SQL commands via file names...

AI score 8.4 | EPSS 0.00343
Exploits: 0 | References: 2
Cvelist
added 2007/08/18 9:0 p.m. | 21 views

CVE-2007-4397

Multiple CRLF injection vulnerabilities in (1) xmms-thing 1.0, (2) XMMS Remote Control Script 1.07, (3) Disrok 1.0, (4) a2x 0.0.1, (5) Another xmms-info script 1.0, (6) XChat-XMMS 0.8.1, and other unspecified scripts for XChat allow user-assisted remote attackers to execute arbitrary IRC commands via CRLF...

AI score 8 | EPSS 0.0519
Exploits: 1 | References: 15
FreeBSD
added 2007/07/24 12:0 a.m. | 19 views

fsplib -- multiple vulnerabilities

A Secunia Advisory reports: fsplib can be exploited to compromise an application using the library. A boundary error exists in the processing of file names in fsp_readdir_native, which can be exploited to cause a stack-based buffer overflow if the defined MAXNAMLEN is bigger than 256. A boundary...

CVSS 7.5 | AI score 6.7 | EPSS 0.09252
Exploits: 0 | References: 1
NVD
added 2007/07/17 1:30 a.m. | 13 views

CVE-2007-3822

Multiple cross-site scripting (XSS) vulnerabilities in Webcit before 7.11 allow remote attackers to inject arbitrary web script or HTML via (1) the who parameter to showuser; and other vectors involving (2) calendar mode, (3) bulletin board mode, (4) room names, and (5) uploaded file names...

CVSS 2.6 | AI score 5.7 | EPSS 0.07786
Exploits: 1 | References: 10
Cvelist
added 2007/04/27 5:0 p.m. | 13 views

CVE-2007-2343

Stack-based buffer overflow in the TFTPD component in Enterasys NetSight Console 2.1 and NetSight Inventory Manager 2.1, and possibly earlier, allows remote attackers to execute arbitrary code via crafted request packets that contain long file names...

AI score 8.2 | EPSS 0.06854
Exploits: 1 | References: 6