8763 matches found
CVE-2007-3365
MyServer 0.8.9 and earlier does not properly handle uppercase characters in filename extensions, which allows remote attackers to obtain sensitive information script source code via a modified extension, as demonstrated by post.mscgI...
CVE-2007-3365
MyServer 0.8.9 and earlier does not properly handle uppercase characters in filename extensions, which allows remote attackers to obtain sensitive information script source code via a modified extension, as demonstrated by post.mscgI...
CVE-2007-3365
Affected software: MyServer ≤ 0.8.9. Vulnerability: improper handling of uppercase characters in filename extensions. Impact: remote attackers can obtain sensitive information, including script source code, via a modified extension. Evidence from connected docs: description confirms the issue and...
Stack overflow
Stack-based buffer overflow in peviewer.spl in Altap Servant Salamander 2.5 with Portable Executable Viewer 2.02 English Trial, and 2.0 with Portable Executable Viewer 1.00 English Trial, allows remote attackers to execute arbitrary code via a long PDB debug filename in a PE file...
CVE-2007-3314
Stack-based buffer overflow in peviewer.spl in Altap Servant Salamander 2.5 with Portable Executable Viewer 2.02 English Trial, and 2.0 with Portable Executable Viewer 1.00 English Trial, allows remote attackers to execute arbitrary code via a long PDB debug filename in a PE file...
MyServer 0.8.9 - Filename Parse Error Information Disclosure
MyServer 0.8.9 - Filename Parse Error Information Disclosure source: https://www.securityfocus.com/bid/24571/info MyServer is prone to an information-disclosure vulnerability. An attacker can exploit this issue to access sensitive information that may lead to further attacks. This issue affects...
MyServer 0.8.9 - Filename Parse Error Information Disclosure
source: https://www.securityfocus.com/bid/24571/info MyServer is prone to an information-disclosure vulnerability. An attacker can exploit this issue to access sensitive information that may lead to further attacks. This issue affects MyServer 0.8.9; other versions may also be affected...
HTTP SERVER (httpsv1.6.2) source code disclosure
HTTP SERVER httpsv1.6.2 source code disclosure http://httpsv.sourceforge.net/ The vulnerability is caused due to a parser error of the filename extension supplied by the user in the URL. This can be exploited to retrieve the source code of script files. POC: http://127.0.0.1/test.htm20 Bug Found...
[CAID 35395, 35396]: CA Anti-Virus Engine CAB File Buffer Overflow Vulnerabilities
Title: CAID 35395, 35396: CA Anti-Virus Engine CAB File Buffer Overflow Vulnerabilities CA Vuln ID CAID: 35395, 35396 CA Advisory Date: 2007-06-05 Reported By: ZDI Impact: Remote attackers can cause a denial of service or potentially execute arbitrary code. Summary: CA Anti-Virus engine contains...
Stack overflow
Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA formerly Computer Associates products allows remote attackers to execute arbitrary code via a long filename in a .CAB file...
[Full-disclosure] ZDI-07-034: CA Multiple Product AV Engine CAB Filename Parsing Stack Overflow Vulnerability
ZDI-07-034: CA Multiple Product AV Engine CAB Filename Parsing Stack Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-034.html June 5, 2007 -- CVE ID: CVE-2007-2863 -- Affected Vendor: Computer Associates -- Affected Products: CA Anti-Virus eTrust EZ Antivirus CA Internet...
CA Multiple Product AV Engine CAB Filename Parsing Stack Overflow Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of various Computer Associates products. The specific flaw exists in the parsing of .CAB archives. When a long filename contained in the .CAB is processed by vete.dll an exploitable stack overflow may...
Stack overflow
Multiple stack-based buffer overflows in the Pegasus ImagN' ActiveX control IMW32O40.OCX 4.00.041 allow remote attackers to execute arbitrary code via 1 a long FileName parameter, or unspecified vectors involving the 2 BeginReport, 3 CreatePictureExA, 4 DefineImage, 5 DefineImageEx, 6...
Pegasus ImagN - ActiveX Control Remote Buffer Overflow
Pegasus ImagN - ActiveX Control Remote Buffer Overflow ?php / win32adduser - PASS=tzu EXITFUNC=seh USER=sun Size=483 Encoder=PexAlphaNum http://metasploit.com / $shellcode = "\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49"...
Pegasus ImagN - ActiveX Control Remote Buffer Overflow
?php / win32adduser - PASS=tzu EXITFUNC=seh USER=sun Size=483 Encoder=PexAlphaNum http://metasploit.com / $shellcode = "\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x49\x49\x49\x49". "\x49\x51\x5a\x56\x54\x58\x36\x33\x30\x56\x58\x34\x41\x30\x42\x36"...
Stack overflow
Stack-based buffer overflow in MagicISO 5.4 build 239 and earlier allows remote attackers to execute arbitrary code via a long filename in a .cue file...
CVE-2007-2644
A certain ActiveX control in Morovia Barcode ActiveX Professional 3.3.1304 allows remote attackers to overwrite arbitrary files by calling the Save method with an arbitrary filename...
CVE-2007-2602
Buffer overflow in MIBEXTRA.EXE in Ipswitch WhatsUp Gold 11 allows attackers to cause a denial of service application crash or execute arbitrary code via a long MIB filename argument. NOTE: If there is not a common scenario under which MIBEXTRA.EXE is called with attacker-controlled command line...
PT-2007-3921 · Ipswitch · Ipswitch Whatsup Gold
Name of the Vulnerable Software and Affected Versions: Ipswitch WhatsUp Gold version 11 Description: The issue allows attackers to cause a denial of service or execute arbitrary code via a long MIB filename argument in MIBEXTRA.EXE. This can happen when MIBEXTRA.EXE is called with...
Atmoix MP3 buffer overflow
Buffer overflow on oversized filename...