
8763 matches found

Prion
added 2007/07/11 10:30 p.m. | 13 views

Buffer overflow

Buffer overflow in LICRCMD.EXE in CA ERwin Process Modeler (formerly AllFusion Process Modeler) 7.1 allows attackers to execute arbitrary code via a long filename. NOTE: the researcher does not suggest any circumstances in which the filename would come from an untrusted source, and therefore perhap...

CVSS 10 | AI score 8.2 | EPSS 0.03541
Exploits 0 | References 3 | Affected Software 1

NVD
added 2007/07/11 10:30 p.m. | 14 views

CVE-2007-3695

Buffer overflow in LICRCMD.EXE in CA ERwin Process Modeler (formerly AllFusion Process Modeler) 7.1 allows attackers to execute arbitrary code via a long filename. NOTE: the researcher does not suggest any circumstances in which the filename would come from an untrusted source, and therefore perhap...

CVSS 10 | AI score 7.6 | EPSS 0.03541
Exploits 0 | References 3

RedHat Linux
added 2007/07/11 12:0 a.m. | 2 views

security flaw

Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses a vulnerability, unless unzip is passed long...

CVSS 3.7 | AI score 6.2 | EPSS 0.01481
Exploits 1 | References 4

RedHat Linux
added 2007/07/11 12:0 a.m. | 4 views

Low: Red Hat Bug Fix Advisory: unzip bug fix update

Updated unzip packages that address various bugs are now available. The unzip utility is used to list, test, or extract files from a zip archive. This update addresses the following issues: a TOCTOU bug that could be exploited to change file permissions (CVE-2005-2475); a long filename buffer overfl...

CVSS 3.7 | AI score 7.3 | EPSS 0.01481
Exploits 1 | References 3

Prion
added 2007/07/03 8:30 p.m. | 12 views

Buffer overflow

Buffer overflow in Warzone 2100 Resurrection before 2.0.7 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long filename when setting background music...

CVSS 7.1 | AI score 8.6 | EPSS 0.02936
Exploits 0 | References 3 | Affected Software 1

NVD
added 2007/07/03 8:30 p.m. | 13 views

CVE-2007-3545

Buffer overflow in Warzone 2100 Resurrection before 2.0.7 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long filename when setting background music...

CVSS 7.1 | AI score 7.9 | EPSS 0.02936
Exploits 0 | References 3

Cvelist
added 2007/07/03 8:0 p.m. | 17 views

CVE-2007-3545

Buffer overflow in Warzone 2100 Resurrection before 2.0.7 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long filename when setting background music...

AI score 7.9 | EPSS 0.02936
Exploits 0 | References 3

UbuntuCve
added 2007/07/02 7:30 p.m. | 16 views

CVE-2007-2836

Directory traversal vulnerability in session.rb in Hiki 0.8.0 through 0.8.6 allows remote attackers to delete arbitrary files via directory traversal sequences in the session ID, which is matched against an insufficiently restrictive regular expression before it is used to construct a filename th...

CVSS 6.4 | AI score 6.1 | EPSS 0.02386
Exploits 0 | References 1

Prion
added 2007/07/02 7:30 p.m. | 9 views

Directory traversal

Directory traversal vulnerability in session.rb in Hiki 0.8.0 through 0.8.6 allows remote attackers to delete arbitrary files via directory traversal sequences in the session ID, which is matched against an insufficiently restrictive regular expression before it is used to construct a filename th...

CVSS 6.4 | AI score 6.9 | EPSS 0.02386
Exploits 0 | References 11 | Affected Software 1

Prion
added 2007/06/27 12:30 a.m. | 19 views

Unrestricted file upload

Unrestricted file upload vulnerability in admin/images.php in Pluxml 0.3.1 allows remote attackers to upload and execute arbitrary PHP code via a .jpg filename...

CVSS 7.5 | AI score 8 | EPSS 0.08176
Exploits 0 | References 4 | Affected Software 1

NVD
added 2007/06/27 12:30 a.m. | 13 views

CVE-2007-3432

Unrestricted file upload vulnerability in admin/images.php in Pluxml 0.3.1 allows remote attackers to upload and execute arbitrary PHP code via a .jpg filename...

CVSS 7.5 | AI score 7.5 | EPSS 0.08176
Exploits 0 | References 4

Cvelist
added 2007/06/27 12:0 a.m. | 15 views

CVE-2007-3432

Unrestricted file upload vulnerability in admin/images.php in Pluxml 0.3.1 allows remote attackers to upload and execute arbitrary PHP code via a .jpg filename...

AI score 7.5 | EPSS 0.08176
Exploits 0 | References 4

Prion
added 2007/06/26 11:30 p.m. | 15 views

Design/Logic Flaw

cgi-bin/cgi-lib/instantmessage.pl in web-app.org WebAPP before 0.9.9.7 uses the From field of an instant message as the beginning of the .dat file name when the (1) imview2 or (2) imview3 function reads (a) an internal IM, or a message from a (b) guest or (c) removed member, which has unknown impact and...

CVSS 7.5 | AI score 7.3 | EPSS 0.01126
Exploits 0 | References 3 | Affected Software 1

securityvulns
added 2007/06/26 12:0 a.m. | 116 views

SHTTPD V1.38 server source code disclosure

SHTTPD V1.38 server source code disclosure. link: http://shttpd.sourceforge.net/ info: The vulnerability is caused due to a parser error of the filename extension supplied by the user in the URL. This can be exploited to retrieve the source code of script files...

AI score 7.1
Exploits 0

Packet Storm
added 2007/06/26 12:0 a.m. | 32 views

edocstore-sql.txt

eDocStore Latest Versions Local File Inclusion Vulnerabilities. AUTHOR: t0pP8uZz & xprog good work xprog...

AI score 7.4
Exploits 0

0day.today
added 2007/06/25 12:0 a.m. | 51 views

SiteDepth CMS 3.44 (ShowImage.php name) File Disclosure Vulnerability

Exploit for unknown platform in category web applications. SiteDepth CMS 3.44 ShowImage.php name File Disclosure Vulnerability. Sitedepth CMS 3.44 Local File...

AI score 7.1
Exploits 0

exploitpack
added 2007/06/25 12:0 a.m. | 12 views

SHTTPD 1.38 - Filename Parse Error Information Disclosure

SHTTPD 1.38 - Filename Parse Error Information Disclosure source: https://www.securityfocus.com/bid/24618/info SHTTPD is prone to an information-disclosure vulnerability. An attacker can exploit this issue to access sensitive information that may lead to further attacks. This issue affects SHTTPD...

AI score 7.2
Exploits 0

Exploit DB
added 2007/06/25 12:0 a.m. | 31 views

SHTTPD 1.38 - Filename Parse Error Information Disclosure

source: https://www.securityfocus.com/bid/24618/info SHTTPD is prone to an information-disclosure vulnerability. An attacker can exploit this issue to access sensitive information that may lead to further attacks. This issue affects SHTTPD 1.38; other versions may also be affected...

AI score 7.4
Exploits 0

Exploit DB
added 2007/06/25 12:0 a.m. | 42 views

SiteDepth CMS 3.44 - 'ShowImage.php?name' File Disclosure

Sitedepth CMS 3.44 Local File Include LFI Exploit ! Application homepage : http://www.sitedepth.com/ ! Author : H4 / Team XPK ! Contact : [email protected] ! Bug discovered : 2006-11-07 ! Bug published : 2007-06-25 Vuln. code:...

AI score 7
Exploits 0

Prion
added 2007/06/22 6:30 p.m. | 13 views

Design/Logic Flaw

MyServer 0.8.9 and earlier does not properly handle uppercase characters in filename extensions, which allows remote attackers to obtain sensitive information (script source code) via a modified extension, as demonstrated by post.mscgI...

CVSS 7.8 | AI score 6.7 | EPSS 0.05967
Exploits 0 | References 6 | Affected Software 1