CVE-2002-0360

Buffer overflow in Sun AnswerBook2 1.4 through 1.4.3 allows remote attackers to execute arbitrary code via a long filename argument to the gettransbitmap CGI program...

CVE-2002-0223

Infopop UBB.Threads 5.4 and Wired Community Software WWWThreads 5.0 through 5.0.9 allows remote attackers to upload arbitrary files by using a filename that contains an accepted extension, but ends in a different extension...

CVE-2002-0198

Buffer overflow in plDaniels ripMime 1.2.6 and earlier, as used in other programs such as xamime and inflex, allows remote attackers to execute arbitrary code via an attachment in a long filename...

Directory traversal in DocBook

During conversion to HTML identifuers are used to form a filename without check for ../...

GnuPG contains format-string vulnerability in handling of encrypted data filename

Overview Some versions of Gnu Privacy Guard GPG contain a format-string vulnerability from improper handling of filenames when decrypting files. Description GPG is an OpenPGP-compliant alternative to PGP to protect electronic communications using public-key cryptography. Versions of GPG prior to...

CVE-2002-0094

configconverters.py in BSCW Basic Support for Cooperative Work 3.x and versions before 4.06 allows remote attackers to execute arbitrary commands via shell metacharacters in the file name during filename conversion...

compress(vul) + ftpd(?)

hyph@port $ rpm -qf which compress ncompress-4.2.4-21 hyph@port $ compress perl -e 'print "A" x 1100' AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA...

Buffer overflow in mshtml.dll

Stack overflow on long filename or extension in EMBED tag...

[SECURITY] [DSA-103-1] glibc buffer overflow

Package : glibc Problem type : buffer overflow Debian-specific: no A buffer overflow has been found in the globbing code for glibc. This code which is used to glob patterns for filenames and is commonly used in applications like shells and FTP servers. This has been fixed in versino 2.1.3-20 and ...

Savant Web Server buffer overflow

Buffer overflow on oversized CGI filename, on oversized request...

DEBIAN-CVE-2001-1562

Format string vulnerability in nvi before 1.79 allows local users to gain privileges via format string specifiers in a filename...

CVE-2001-1562

Format string vulnerability in nvi before 1.79 allows local users to gain privileges via format string specifiers in a filename...

Ошибка форматной строки в GnuPG (format string)

Ошбка форматной строки при отображении имени файла...

CVE-2001-0506

Buffer overflow in ssinc.dll in IIS 5.0 and 4.0 allows local users to gain system privileges via a Server-Side Includes SSI directive for a long filename, which triggers the overflow when the directory name is added, aka the "SSI privilege elevation" vulnerability...

CVE-2001-1036

GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local users to gain privileges via an old formatted filename database locatedb that contains an entry with an out-of-range offset, which causes locate to write to arbitrary process memory...

PT-2001-1056 · Mit · Krb5-Configs +5

Name of the Vulnerable Software and Affected Versions: krb5-workstation versions 1.1.1 through 1.2.2 krb5-configs version 1.1.1 krb5-devel versions 1.1.1 through 1.2.2 krb5-server versions 1.1.1 through 1.2.2 krb5-libs version 1.1.1 krb5 version 1.1.1 through 1.2.2 Description: The issue affects...

CVE-2001-1344

WSSecurity.pl in WebStore allows remote attackers to bypass authentication by providing the program with a filename that exists, which is made easier by 1 inserting a null character or 2 .. dot dot...

Microsoft IIS 3.04.05.0 - PWS Escaped Characters Decoding Command Execution (2)

Microsoft IIS 3.04.05.0 - PWS Escaped Characters Decoding Command Execution 2 // source: https://www.securityfocus.com/bid/2708/info Due to a flaw in the handling of CGI filename program requests, remote users can execute arbitrary commands on an IIS host. When IIS receives a CGI filename request...

Microsoft IIS 3.0/4.0/5.0 - PWS Escaped Characters Decoding Command Execution (2)

// source: https://www.securityfocus.com/bid/2708/info Due to a flaw in the handling of CGI filename program requests, remote users can execute arbitrary commands on an IIS host. When IIS receives a CGI filename request, it automatically performs two actions before completing the request: 1. IIS...

Microsoft IIS 3.04.05.0 - PWS Escaped Characters Decoding Command Execution (8)

Microsoft IIS 3.04.05.0 - PWS Escaped Characters Decoding Command Execution 8 source: https://www.securityfocus.com/bid/2708/info Due to a flaw in the handling of CGI filename program requests, remote users can execute arbitrary commands on an IIS host. When IIS receives a CGI filename request, i...