8515 matches found
SUSE CVE-2004-0980
Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code...
SUSE CVE-2004-1004
Multiple format string vulnerabilities in Midnight Commander mc 4.5.55 and earlier allow remote attackers to have an unknown impact...
SUSE CVE-2005-0397
Format string vulnerability in the SetImageInfo function in image.c for ImageMagick before 6.0.2.5 may allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via format string specifiers in a filename argument to convert, which may be called by...
SUSE CVE-2005-0665
Format string vulnerability in xv before 3.10a allows remote attackers to execute arbitrary code via format string specifiers in a filename...
SUSE CVE-2005-1127
Format string vulnerability in the log function in Net::Server 0.87 and earlier, as used in Postfix Greylisting Policy Server Postgrey 1.18 and earlier, and possibly other products, allows remote attackers to cause a denial of service crash via format string specifiers that are not properly handl...
SUSE CVE-2005-1463
Multiple format string vulnerabilities in the 1 DHCP and 2 ANSI A dissectors in Ethereal before 0.10.11 may allow remote attackers to execute arbitrary code...
SUSE CVE-2005-1686
Format string vulnerability in gedit 2.10.2 may allow attackers to cause a denial of service application crash via a bin file with format string specifiers in the filename. NOTE: while this issue is triggered on the command line by the gedit user, it has been reported that web browsers and email...
SUSE CVE-2005-2367
Format string vulnerability in the protoitemsettext function in Ethereal 0.9.4 through 0.10.11, as used in multiple dissectors, allows remote attackers to write to arbitrary memory locations and gain privileges via a crafted AFP packet...
SUSE CVE-2005-2550
Format string vulnerability in Evolution 1.4 through 2.3.6.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via the calendar entries such as task lists, which are not properly handled when the user selects the Calendars tab...
SUSE CVE-2005-2549
Multiple format string vulnerabilities in Evolution 1.5 through 2.3.6.1 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via 1 full vCard data, 2 contact data from remote LDAP servers, or 3 task list data from remote servers...
SUSE CVE-2005-2710
Format string vulnerability in Real HelixPlayer and RealPlayer 10 allows remote attackers to execute arbitrary code via the 1 image handle or 2 timeformat attribute in a RealPix .rp or RealText .rt file...
SUSE CVE-2005-2958
Multiple format string vulnerabilities in the GNOME Data Access library for GNOME2 libgda2 1.2.1 and earlier allow attackers to execute arbitrary code...
SUSE CVE-2005-2967
Format string vulnerability in inputcdda.c in xine-lib 1-beta through 1-beta 3, 1-rc, 1.0 through 1.0.2, and 1.1.1 allows remote servers to execute arbitrary code via format string specifiers in metadata in CDDB server responses when the victim plays a CD...
SUSE CVE-2005-3393
Format string vulnerability in the foreignoption function in options.c for OpenVPN 2.0.x allows remote clients to execute arbitrary code via format string specifiers in a push of the dhcp-option command option...
SUSE CVE-2005-3523
Format string vulnerability in friendsd2 in GpsDrive allows remote attackers to execute arbitrary code via the dir direction field...
SUSE CVE-2005-3912
Format string vulnerability in miniserv.pl Perl web server in Webmin before 1.250 and Usermin before 1.180, with syslog logging enabled, allows remote attackers to cause a denial of service crash or memory consumption and possibly execute arbitrary code via format string specifiers in the usernam...
SUSE CVE-2005-3962
Integer overflow in the format string functionality Perlsvvcatpvfn in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as...
SUSE CVE-2006-0082
Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name...
SUSE CVE-2006-0150
Multiple format string vulnerabilities in the authldaplogreason function in Apache authldap 1.6.0 and earlier allows remote attackers to execute arbitrary code via various vectors, including the username...
SUSE CVE-2006-0200
Format string vulnerability in the error-reporting feature in the mysqli extension in PHP 5.1.0 and 5.1.1 might allow remote attackers to execute arbitrary code via format string specifiers in MySQL error messages...