1948 matches found
Mozilla Firefox: Various vulnerabilities
Background Mozilla Firefox is the popular next-generation browser from the Mozilla project. Description The following vulnerabilities were found and fixed in Mozilla Firefox: Michael Krax reported that plugins can be used to load privileged content and trick the user to interact with it...
DEBIAN-CVE-2005-0638
xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command...
ImageMagick -- format string vulnerability
Tavis Ormandy reports: magemagick-6.2.0-3 fixes an potential issue handling malformed filenames, the flaw may affect webapps or scripts that use the imagemagick utilities for image processing, or applications linked with libMagick. This vulnerability could crash ImageMagick or potentially lead to...
CVE-2005-0484
Format string vulnerability in gprostats for GProFTPD before 8.1.9 may allow remote attackers to execute arbitrary code via an FTP transfer with a crafted filename that causes format string specifiers to be inserted into the ProFTPD transfer log...
security flaw
Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames...
CVE-2005-0331
Directory traversal vulnerability in WinRAR 3.42 and earlier, when the user clicks on the ZIP file to extract it, allows remote attackers to create arbitrary files via a ... triple dot in the filename of the ZIP file...
CVE-2004-0947
Buffer overflow in unarj before 2.63a-r2 allows remote attackers to execute arbitrary code via an arj archive that contains long filenames...
CVE-2005-0182
The moddosevasive module 1.9 and earlier for Apache creates temporary files with predictable filenames, which could allow remote attackers to overwrite arbitrary files via a symlink attack...
CVE-2004-1185
Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames...
CVE-2004-1442
Cross-site scripting XSS vulnerability in db2www CGI interpreter in IBM Net.Data 7 and 7.2 allows remote attackers to inject arbitrary web script or HTML via a macro filename, which is not properly handled by error messages such as "DTWP001E."...
CVE-2004-0996
main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack...
CVE-2004-0996
main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack...
CVE-2004-0947
Buffer overflow in unarj before 2.63a-r2 allows remote attackers to execute arbitrary code via an arj archive that contains long filenames...
CVE-2004-0947
CVE-2004-0947 is confirmed across connected docs as a vulnerability in the unarj utility. The issue is a buffer overflow when handling long filenames in arj archives, enabling remote code execution. Related advisories additionally describe a directory-traversal weakness in the -x extract option t...
PT-2004-1120 · Unrarj Team · Unarj
Name of the Vulnerable Software and Affected Versions: unarj versions prior to 2.63a-r2 Description: The issue is caused by a buffer overflow in the unarj library, which handles data archiving. This can be exploited by a remote attacker to execute arbitrary code using an arj archive containing...
GLSA-200411-29 : unarj: Long filenames buffer overflow and a path traversal vulnerability
The remote host is affected by the vulnerability described in GLSA-200411-29 unarj: Long filenames buffer overflow and a path traversal vulnerability unarj has a bounds checking vulnerability within the handling of long filenames in archives. It also fails to properly sanitize paths when extracti...
Possible Buffer Overrun in smbd
Summary: A possible buffer overrun in smbd could lead to code execution by a remote user Patch Availability A patch for Samba 3.0.7 samba-3.0.7-CAN-2004-0882.patch is available from http://www.samba.org/samba/ftp/patches/security/. The patch has been signed with the "Samba Distribution Verificati...
smbd -- buffer-overrun vulnerability
Caused by improper bounds checking of certain trans2 requests, there is a possible buffer overrun in smbd. The attacker needs to be able to create files with very specific Unicode filenames on the share to take advantage of this issue...
unarj -- long filename buffer overflow
Ludwig Nussel has discovered a buffer overflow vulnerability in unarj's handling of long filenames which could potentially lead to execution of arbitrary code with the permissions of the user running unarj...
Debian DSA-100-1 : gzip - Potential buffer overflow
GOBBLES found a buffer overflow in gzip that occurs when compressing files with really long filenames. Even though GOBBLES claims to have developed an exploit to take advantage of this bug, it has been said by others that this problem is not likely to be exploitable as other security incidents...