CVE-2005-3831

Stack-based buffer overflow in 1 CxZIP60.dll and 2 CxZIP60u.dll, as used in SpeedProject products including a ZipStar 5.0 Build 4285, b Squeez 5.0 Build 4285, and c SpeedCommander 11.0 Build 4430 and 10.51 Build 4430, allows user-assisted attackers to execute arbitrary code via a ZIP archive...

CVE-2005-3831

Stack-based buffer overflow in 1 CxZIP60.dll and 2 CxZIP60u.dll, as used in SpeedProject products including a ZipStar 5.0 Build 4285, b Squeez 5.0 Build 4285, and c SpeedCommander 11.0 Build 4430 and 10.51 Build 4430, allows user-assisted attackers to execute arbitrary code via a ZIP archive...

Internet Explorer inline content filename extension vulnerability

Added: 11/25/2005 CVE: CVE-2001-0727 BID: 3578 OSVDB: 3033 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Using a null byte %00 in the filename field found in the Content-disposition header, a remote web server may be able to...

Internet Explorer inline content filename extension vulnerability

Added: 11/25/2005 CVE: CVE-2001-0727 BID: 3578 OSVDB: 3033 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Using a null byte %00 in the filename field found in the Content-disposition header, a remote web server may be able to...

[SA17511] Mailman Attachment Filename Scrubbing Denial of Service

TITLE: Mailman Attachment Filename Scrubbing Denial of Service SECUNIA ADVISORY ID: SA17511 VERIFY ADVISORY: http://secunia.com/advisories/17511/ CRITICAL: Moderately critical IMPACT: DoS WHERE: From remote SOFTWARE: Mailman 2.x http://secunia.com/product/1010/ DESCRIPTION: Aliet Santiesteban...

Opera web browser file download extension spoofing

The remote host is using Opera - an alternative web browser. This version contains a flaw that may allow a malicious user to trick a user into running arbitrary code. The issue is triggered when an malicious web site provides a file for download, but crafts the filename in such a way that the fil...

CVE-2005-3317

Multiple stack-based buffer overflows in ZipGenius 5.5.1.468 and 6.0.2.1041, and other versions before 6.0.2.1050, allow remote attackers to execute arbitrary code via 1 a ZIP archive that contains a file with a long filename, which is not properly handled by a zipgenius.exe, b zg.exe, c...

CVE-2005-3194

CVE-2005-3194 affects ALZip 6.12 (Korean), 6.1 (International), and 5.52 (English). The vulnerability is described as multiple buffer overflows that allow remote attackers to execute arbitrary code via a long filename inside compressed archives (ALZ, ARJ, ZIP, UUE, XXE). Connected sources reitera...

phpBB 2.0.13 (admin_styles.php) Remote Command Execution Exploit

No description provided by source. !/usr/bin/perl r57phpbbadmin2exec.pl phpBB adminstyles.php commands execution exploit tested on phpBB 2.0.13 by 1dt.w0lf RST/GHC http://rst.void.ru http://ghc.ru screen r57phpbbadmin2exec.pl -p http://blah.com/phpBB/admin/ -s 0864cb0abb396319c589ebc2a98c2c5d -c...

RARLAB WinRar 2.903.x - UUEXXE Invalid Filename Error Message Format String

RARLAB WinRar 2.903.x - UUEXXE Invalid Filename Error Message Format String source: https://www.securityfocus.com/bid/15062/info WinRAR is prone to multiple remote vulnerabilities. These issues include a format string and a buffer overflow vulnerability. Successful exploitation may allow an...

RARLAB WinRar 2.90/3.x - UUE/XXE Invalid Filename Error Message Format String

source: https://www.securityfocus.com/bid/15062/info WinRAR is prone to multiple remote vulnerabilities. These issues include a format string and a buffer overflow vulnerability. Successful exploitation may allow an attacker to execute arbitrary code on a vulnerable computer. WinRAR 3.50 and prio...

[SECURITY] [DSA 827-1] New backupninja packages fix insecure temporary file

-------------------------------------------------------------------------- Debian Security Advisory DSA 827-1 [email protected] http://www.debian.org/security/ Michael Stone September 29th, 2005 http://www.debian.org/security/faq -...

Nokia smartphones Nobex service DoS

Server stops responding after receiving archive with special characters in the filename...

CVE-2005-3007

Opera before 8.50 allows remote attackers to spoof the content type of files via a filename with a trailing "." dot, which might allow remote attackers to trick users into processing dangerous content...

CVE-2005-3007

Opera before 8.50 is affected by a vulnerability where appending a trailing dot to a filename spoofed the content type, potentially tricking users into processing dangerous content. The issue concerns the browser’s handling of file-type presentation rather to content-type verification, enabling m...

Debian DSA-814-1 : lm-sensors - insecure temporary file

Javier Fernandez-Sanguino Pena discovered that a script of lm-sensors, utilities to read temperature/voltage/fan sensors, creates a temporary file with a predictable filename, leaving it vulnerable for a symlink attack. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

NOD32 Antivirus ARJ Archive Filename Handling Overflow

The remote host is running NOD32 Antivirus, from eset. The installed version of NOD32 Antivirus is reportedly prone to a heap-based buffer overflow when processing ARJ archives with long filenames. An attacker may be able to exploit this issue to execute arbitrary code on the remote host. C Tenab...

CVE-2005-2856

Stack-based buffer overflow in the WinACE UNACEV2.DLL third-party compression utility before 2.6.0.0, as used in multiple products including 1 ALZip 5.51 through 6.11, 2 Servant Salamander 2.0 and 2.5 Beta 1, 3 WinHKI 1.66 and 1.67, 4 ExtractNow 3.x, 5 Total Commander 6.53, 6 Anti-Trojan 5.5.421,...

CVE-2004-2384

NullSoft Winamp 5.02 allows remote attackers to cause a denial of service crash by creating a file with a long filename, which causes the victim's player to crash when the file is opened from the command line...

CVE-2005-2102

The AIM/ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service application crash via a filename that contains invalid UTF-8 characters...