Unreal Commander 0.92 - ZIP RAR Archive Handling Traversal Arbitrary File Overwrite

Unreal Commander 0.92 - ZIP RAR Archive Handling Traversal Arbitrary File Overwrite source: https://www.securityfocus.com/bid/25419/info Unreal Commander is prone to multiple remote vulnerabilities when handling malformed ZIP and RAR archives. These vulnerabilities include a directory-traversal...

Unreal Commander 0.92 - ZIP / RAR Archive Handling Traversal Arbitrary File Overwrite

source: https://www.securityfocus.com/bid/25419/info Unreal Commander is prone to multiple remote vulnerabilities when handling malformed ZIP and RAR archives. These vulnerabilities include a directory-traversal vulnerability, an information-disclosure vulnerability, and a filename-spoofing...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Siemens Gigaset SE361 WLAN router with firmware 1.00.0 allow remote attackers to inject arbitrary web script or HTML via the portion of the URI immediately following the filename for 1 a GIF filename, which triggers display of the GIF file ...

CVE-2007-4442

Stack-based buffer overflow in the logging function in the Unreal engine, possibly 2003 and 2004, as used in the internal web server, allows remote attackers to cause a denial of service application crash via a request for a long .gif filename in the images/ directory, related to conversion from...

Stack overflow

Stack-based buffer overflow in the logging function in the Unreal engine, possibly 2003 and 2004, as used in the internal web server, allows remote attackers to cause a denial of service application crash via a request for a long .gif filename in the images/ directory, related to conversion from...

CVE-2007-4403

The mIRC Control Plug-in for Winamp allows user-assisted remote attackers to execute arbitrary code via the '|' pipe shell metacharacter in the name of the song in a .mp3 file...

CVE-2007-4148

Heap-based buffer overflow in the Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 allows remote attackers to cause a denial of service persistent daemon crashes or execute arbitrary code via a long filename in a "LOG." command...

Heap overflow

Heap-based buffer overflow in the Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 allows remote attackers to cause a denial of service persistent daemon crashes or execute arbitrary code via a long filename in a "LOG." command...

CVE-2007-4148

Heap-based buffer overflow in the Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 allows remote attackers to cause a denial of service persistent daemon crashes or execute arbitrary code via a long filename in a "LOG." command...

T1lib intT1_Env_GetCompletePath函数远程缓冲区溢出漏洞

BUGTRAQ ID: 25079 t1lib是一个用C编写的函数库，用于从Adobe Type 1字体生成位图。 t1lib库的实现上存在缓冲区溢出漏洞，远程攻击者可能利用此漏洞通过诱使用户处理畸形文档控制用户系统。 t1lib库的lib/t1lib/t1env.c文件中的intT1EnvGetCompletePath函数中存在缓冲区溢出，如果使用该库的应用程序处理了FileName参数中的超长字符串的话，就可以触发这个溢出，导致执行任意指令。 t1lib 5.1.1 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本：...

PHP 5.2.3 glob() Remote DoS Exploit

?php //PHP 5.2.3 glob Remote DoS Exploit //author: shinnai //mail: shinnaiatautisticidotorg //site: http://shinnai.altervista.org //Tested on xp sp2, worked both from the cli EIP overwrite and on apache Denial of Service //Bug discovered with "Footzo" thanks to rgod. //To download Footzo:...

CVE-2007-4033

Buffer overflow in the intT1EnvGetCompletePath function in lib/t1lib/t1env.c in t1lib 5.1.1 allows context-dependent attackers to execute arbitrary code via a long FileName parameter. NOTE: this issue was originally reported to be in the imagepsloadfont function in phpgd2.dll in the gd PHPGD2...

Buffer overflow

Buffer overflow in the intT1EnvGetCompletePath function in lib/t1lib/t1env.c in t1lib 5.1.1 allows context-dependent attackers to execute arbitrary code via a long FileName parameter. NOTE: this issue was originally reported to be in the imagepsloadfont function in phpgd2.dll in the gd PHPGD2...

CVE-2007-4033

Buffer overflow in the intT1EnvGetCompletePath function in lib/t1lib/t1env.c in t1lib 5.1.1 allows context-dependent attackers to execute arbitrary code via a long FileName parameter. NOTE: this issue was originally reported to be in the imagepsloadfont function in phpgd2.dll in the gd PHPGD2...

NetVault Report Manager Scheduler File Name Handling Overflow

The remote host is running NetVault Report Manager, a tool for monitoring backup reports. The Server and Client Scheduler components included in the version of NetVault Report Manager installed on the remote host suffer from a heap overflow vulnerability that can occur when processing overly long...

Stack overflow

Multiple stack-based buffer overflows in fsplib.c in fsplib before 0.9 might allow remote attackers to execute arbitrary code via 1 a long filename that is not properly handled by the fspreaddirnative function when MAXNAMLEN is greater than 255, or 2 a long dname directory dirent field in the...

BakBone NetVault Reporter Scheduler Heap Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on systems with affected installations of BakBone NetVault Reporter. User interaction is not required to exploit this vulnerability. The specific flaw exists both within the scheduler client clsscheduler.exe listening on TCP por...

File type confusion due to %00 in name — Mozilla

Ronald van den Heetkamp reported that a filename URL containing %00 encoded null can cause Firefox to interpret the file extension differently than the underlying Windows operating system potentially leading to unsafe actions such as running a program. This is only accessible locally...

PHP 5.2.3 glob() Denial of Service Exploit

No description provided by source. ?php //PHP 5.2.3 glob Remote DoS Exploit //author: shinnai //mail: shinnaiatautisticidotorg //site: http://shinnai.altervista.org //Tested on xp sp2, worked both from the cli EIP overwrite and on apache Denial of Service...

PHP 5.2.3 glob() Denial of Service Exploit

Exploit for multiple platform in category dos / poc ========================================== PHP 5.2.3 glob Denial of Service Exploit ========================================== 0day.today 2018-04-09...