CVE-2009-3064

Directory traversal vulnerability in debugger/debugphp.php in Ve-EDIT 0.1.4 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the GETfilename parameter...

CVE-2009-2957

Heap-based buffer overflow in the tftprequest function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, might allow remote attackers to execute arbitrary code via a long filename in a TFTP packet, as demonstrated by a read aka RRQ request...

dnsmasq: multiple vulnerabilities in TFTP server

Heap-based buffer overflow in the tftprequest function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, might allow remote attackers to execute arbitrary code via a long filename in a TFTP packet, as demonstrated by a read aka RRQ request...

dTunes 2.72 (Filename Processing) Local Format String PoC

No description provided by source. !/usr/bin/perl dTunes 2.72 local format string PoC filename processing TheLeader, GSOG2009 st0p hotmail sp4m com ShoutZ to the wonderful ppl over at forums.hacking.org.il = Copy the file over to your device on /var/mobile/Library/Downloads/ and attempt playing...

dTunes 2.72 - Filename Processing Local Format String (PoC)

dTunes 2.72 - Filename Processing Local Format String PoC !/usr/bin/perl dTunes 2.72 local format string PoC filename processing TheLeader, GSOG2009 st0p hotmail sp4m com ShoutZ to the wonderful ppl over at forums.hacking.org.il = Copy the file over to your device on /var/mobile/Library/Downloads...

dTunes 2.72 (Filename Processing) Local Format String PoC

Exploit for unknown platform in category dos / poc ========================================================= dTunes 2.72 Filename Processing Local Format String PoC ========================================================= !/usr/bin/perl dTunes 2.72 local format string PoC filename processing...

TFTPUtil GUI 1.3.0 - Remote Denial of Service

TFTPUtil GUI 1.3.0 - Remote Denial of Service !/usr/bin/python import socket import sys from time import Download:http://www.brothersoft.com/tftputil-131537.html Note; Good Ramadan For all MuSLimS if lensys.argv!=2: print "xTFTPUtil GUI 1.3.0 GUI Remote Denial Of Service Exploit" print "xAuthor :...

Stack overflow

Stack-based buffer overflow in the SaveAs feature SaveFileAsWithFilter function in winutil.cc in Google Chrome 0.2.149.27 allows user-assisted remote attackers to execute arbitrary code via a web page with a long TITLE element, which triggers the overflow when the user saves the page and a long...

Mandriva Linux Security Advisory : samba (MDVSA-2009:196)

Multiple vulnerabilities has been found and corrected in samba : Multiple format string vulnerabilities in client/client.c in smbclient in Samba 3.2.0 through 3.2.12 might allow context-dependent attackers to execute arbitrary code via format string specifiers in a filename CVE-2009-1886. The...

Unrestricted file upload

Unrestricted file upload vulnerability in member/uploadsedit.php in dedecms 5.3 allows remote attackers to execute arbitrary code by uploading a file with a double extension in the filename, then accessing this file via unspecified vectors, as demonstrated by a .jpg.php filename...

Debian: Security Advisory (DSA-1821-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DEBIAN-CVE-2009-1886

Multiple format string vulnerabilities in client/client.c in smbclient in Samba 3.2.0 through 3.2.12 might allow context-dependent attackers to execute arbitrary code via format string specifiers in a filename...

CVE-2009-1886

Multiple format string vulnerabilities in client/client.c in smbclient in Samba 3.2.0 through 3.2.12 might allow context-dependent attackers to execute arbitrary code via format string specifiers in a filename...

kernel: nfsv4 client can be crashed by stating a long filename

fs/nfs/client.c in the Linux kernel before 2.6.23 does not properly initialize a certain structure member that stores the maximum NFS filename length, which allows local users to cause a denial of service OOPS via a long filename, related to the encodelookup function...

kernel: nfsv4 client can be crashed by stating a long filename

fs/nfs/client.c in the Linux kernel before 2.6.23 does not properly initialize a certain structure member that stores the maximum NFS filename length, which allows local users to cause a denial of service OOPS via a long filename, related to the encodelookup function...

kernel: nfsv4 client can be crashed by stating a long filename

fs/nfs/client.c in the Linux kernel before 2.6.23 does not properly initialize a certain structure member that stores the maximum NFS filename length, which allows local users to cause a denial of service OOPS via a long filename, related to the encodelookup function...

CVE-2009-1440

Incomplete blacklist vulnerability in DownloadListCtrl.cpp in amule 2.2.4 allows remote attackers to conduct argument injection attacks into a command for mplayer via a crafted filename...

CVE-2009-1440

Incomplete blacklist vulnerability in DownloadListCtrl.cpp in amule 2.2.4 allows remote attackers to conduct argument injection attacks into a command for mplayer via a crafted filename...

CVE-2009-1440

Incomplete blacklist vulnerability in DownloadListCtrl.cpp in amule 2.2.4 allows remote attackers to conduct argument injection attacks into a command for mplayer via a crafted filename...

CVE-2009-1440

Incomplete blacklist vulnerability in DownloadListCtrl.cpp in amule 2.2.4 allows remote attackers to conduct argument injection attacks into a command for mplayer via a crafted filename...