CVE-2004-1273

Buffer overflow in the DownloadLoop function in main.c for greed 0.81p allows remote attackers to execute arbitrary code via a GRX file containing a long filename...

3cdaemon buffer overflow

Buffer overflow on oversized TFTP filename...

3cdaemon tftp server DOS vulnerability

AUTHOR: Fortinet, inc Ning Wangnwangatscncomcn DATE: 15/12/2004 PRODUCTS: 3cdaemon version 2.0 revision 10 Description: 3com product 3cdaemon is one of the most popular used tools to achieve files backup and upgrade. Detail: 3com tftp daemon exist a vulnerability, which will encounter a fatal err...

CVE-2004-1232

Gauging from the provided sources, CVE-2004-1232 affects the Gadu-Gadu client’s image-sending path. The vulnerability is a stack-based buffer overflow triggered by a large image filename, enabling remote code execution. No specific exploit details or patch/version information are provided in the ...

CVE-2004-1232

Stack-based buffer overflow in the code that sends images in Gadu-Gadu allows remote attackers to execute arbitrary code via a large image filename...

Moderate: Red Hat Security Advisory: ncompress security update

An updated ncompress package that fixes a buffer overflow and problem in the handling of files larger than 2 GB is now available. The ncompress package contains the compress and uncompress file compression and decompression utilities, which are compatible with the original UNIX compress utility ....

CVE-2004-1170

a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename...

CVE-2004-1128

Buffer overflow in CMailCOM.dll in CMailServer 5.2 allows remote attackers to execute arbitrary code via an attachment with a long filename...

CVE-2004-1118

Buffer overflow in the WodFtpDLX.ocx WeOnlyDo! ActiveX component before 2.3.2.97, as used by CoffeeCup Direct FTP 6.2.0.62 and CoffeeCup Free FTP 3.0.0.10, and possibly other applications, allows remote attackers to execute arbitrary code via a long filename...

CVE-2004-1094

CVE-2004-1094 concerns a buffer overflow in InnerMedia DynaZip DUNZIP32.dll (version 5.00.03 and earlier) that enables remote code execution when a crafted ZIP with a long filename is processed. Affected products include RealPlayer 10 / RealOne Player and various third‑party apps (e.g., CheckMark...

[Full-Disclosure] Advisory 13/2004: Samba 3.x QFILEPATHINFO unicode filename buffer overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 e-matters GmbH www.e-matters.de -= Security Advisory =- Advisory: Samba 3.x QFILEPATHINFO unicode filename buffer overflow Release Date: 2004/11/15 Last Modified: 2004/11/15 Author: Stefan Esser [email protected] Application: Samba 3 = 3.0.7...

unarj buffer overflow

Buffer overflow on oversized archive filename...

MailPost vulnerable to cross-site scripting via an executable requested with a trailing slash appended to the filename

Overview A cross-site scripting vulnerability is reported to exist in MailPost version 5.1.1sv and possibly earlier versions. Description According to a report by ProCheckUp, MailPost is vulnerable to a Cross-Site Scripting attack by adding a trailing '/' character to the executable filename. The...

phpPOC.txt

PHP File Upload Vulnerability POC Title: Overwrite $FILE array in rfc1867 - Mime multipart/form-data File Upload Author: Stefano Di Paola Affected: Php "; if isuploadedfile$FILES'userfile''tmpname' && moveuploadedfile$FILES'userfile''tmpname', $uploadfile print "File is valid, and was successfull...

Debian DSA-419-1 : phpgroupware - missing filename sanitising, SQL injection

The authors of phpgroupware, a web-based groupware system written in PHP, discovered several vulnerabilities. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2004-0016 In the 'calendar' module, 'save extension' was not enforced for holiday files. As a...

BBS E-Market Professional index.php filename Parameter Traversal Arbitrary File Access

The remote host is running BBS E-Market Professional, a Korean e-commerce application written in PHP.\n There is a directory traversal vulnerability in the 'filename' parameter of '/bemarket/shop/index.php'. A remote attacker could exploit this to read sensitive information on the system...

Cisco TFTP Server Long Filename DoS (Bug ID CSCdy03429)

Binary data 2243.prm...

Cisco TFTP Server Long Filename DoS (Bug ID CSCdy03429)

Binary data 2244.prm...

CVE-2003-0055

Buffer overflow in the MP3 broadcasting module of Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via a long filename...

CVE-2002-0850

Buffer overflow in PGP Corporate Desktop 7.1.1 allows remote attackers to execute arbitrary code via an encrypted document that has a long filename when it is decrypted...