CVE-2003-0053

Cross-site scripting XSS vulnerability in parsexml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to insert arbitrary script via the filename parameter, which is inserted into an error message...

Qualcomm Eudora 5.05.16.0 - Long Attachment Filename Denial of Service (2)

Qualcomm Eudora 5.05.16.0 - Long Attachment Filename Denial of Service 2 source: https://www.securityfocus.com/bid/7026/info Eudora may crash when handling messages which contain attachments with excessively long filenames. This condition reportedly occurs when messages with malformed attachment...

Symantec Norton Antivirus bufffer overflow

Buffer overflow on oversized filename inside archive...

CVE-2003-0057

Multiple buffer overflows in Hypermail 2 before 2.1.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code 1 via a long attachment filename that is not properly handled by the hypermail executable, or 2 by connecting to the mail CGI program from an IP address...

Important: Red Hat Security Advisory: kdelibs security update

A security issue has been found in KDE. This errata provides updates which resolve these issues. KDE is a graphical desktop environment for the X Window System. KDE fails in multiple places to properly quote URLs and filenames before passing them to a command shell. This could allow remote...

CVE-2003-0041

Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe | character in a filename that is retrieved by the client...

CVE-2003-0057

Multiple buffer overflows in Hypermail 2 before 2.1.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code 1 via a long attachment filename that is not properly handled by the hypermail executable, or 2 by connecting to the mail CGI program from an IP address...

CVE-2002-1812

Buffer overflow in gdam123 0.933 and 0.942 allows local users to execute arbitrary code via a long filename parameter...

CVE-2002-1847

Buffer overflow in mplay32.exe of Microsoft Windows Media Player WMP 6.3 through 7.1 allows remote attackers to execute arbitrary commands via a long mp3 filename command line argument. NOTE: since the only known attack vector requires command line access, this may not be a vulnerability...

CVE-2002-2120

Multiple buffer overflows in QNX RTOS 4.25 may allow attackers to execute arbitrary code via long filename arguments to 1 Watcom or 2 int10...

CVE-2002-2226

Buffer overflow in tftpd of TFTP32 2.21 and earlier allows remote attackers to execute arbitrary code via a long filename argument...

CVE-2002-2228

MailScanner before 4.0 5-1 and before 3.2 6-1 allows remote attackers to bypass protection via attachments with a filename with 1 extra leading spaces, 2 extra trailing spaces, or 3 alternate character encodings that cannot be processed by MailScanner...

CVE-2002-1321

Multiple buffer overflows in RealOne and RealPlayer allow remote attackers to execute arbitrary code via 1 a Synchronized Multimedia Integration Language SMIL file with a long parameter, 2 a long long filename in a rtsp:// request, e.g. from a .m3u file, or 3 certain "Now Playing" options on a...

FTP clients directory traversal

Server can put relative or absolute path in filename...

CVE-2002-1321

Multiple buffer overflows in RealOne and RealPlayer allow remote attackers to execute arbitrary code via 1 a Synchronized Multimedia Integration Language SMIL file with a long parameter, 2 a long long filename in a rtsp:// request, e.g. from a .m3u file, or 3 certain "Now Playing" options on a...

Perception LiteServe HTTP CGI Disclosure Vulnerability

Christopher Fillion's "Perception" web site hosts the LiteServe combination server for Win32. The server offers HTTP, FTP, SMTP, POP3, and Telnet services. Included in the HTTP service is a Common Gateway Interface CGI feature that allows you to specify a CGI alias, as well as "filters" that are...

CVE-2002-0850

Buffer overflow in PGP Corporate Desktop 7.1.1 allows remote attackers to execute arbitrary code via an encrypted document that has a long filename when it is decrypted...

Microsoft Windows Media Player 67 - Filename Buffer Overflow

Microsoft Windows Media Player 67 - Filename Buffer Overflow source: https://www.securityfocus.com/bid/5357/info The Microsoft Windows Media Player executable is prone to a buffer overflow condition when invoked with an oversized filename. Since the program is executed in the context of the user...

Microsoft Windows Media Player 6/7 - Filename Buffer Overflow

source: https://www.securityfocus.com/bid/5357/info The Microsoft Windows Media Player executable is prone to a buffer overflow condition when invoked with an oversized filename. Since the program is executed in the context of the user invoking it, it is not likely that a local attacker could...

MIME::Tools Perl module and virus scanners

Background ---------- MIME::Tools is a very nice Perl module for parsing and constructing MIME-encoded mail messages. The latest stable version is 5.411a. MIME::Tools works very well on valid MIME messages. However, there are a number of problems if you use it to implement server-based mail...