Lucene search
K

8517 matches found

CVE
CVE
added 2007/01/23 12:0 a.m.59 views

CVE-2007-0021

Apple iChat 3.1.6 is affected by a format string vulnerability in the AIM URI handler. A remote attacker could exploit crafted aim:// URIs to cause a denial of service (null pointer dereference) and possibly execute arbitrary code. The issue is remediated by Apple Security Update 2007-002 (Mac OS...

7.5CVSS7.5AI score0.22974EPSS
Exploits1References11Affected Software1
Gentoo Linux
Gentoo Linux
added 2007/01/23 12:0 a.m.28 views

xine-ui: Format string vulnerabilities

Background xine-ui is a skin-based user interface for xine. xine is a free multimedia player. It plays CDs, DVDs, and VCDs, and can also decode other common multimedia formats. Description Due to the improper handling and use of format strings, the errorscreatewindow function in errors.c does not...

10CVSS7AI score0.03486EPSS
Exploits0
seebug.org
seebug.org
added 2007/01/22 12:0 a.m.23 views

Apple iChat 3.1.6 v441 aim:// URL Handler Format String Exploit PoC

No description provided by source. !DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" html head titleMOAB-20-01-2007/title script function boom var str = ''; for var i = 0; i 20; i++ str = str + escape'A%n'; str = 'aim:gochat?roomname=' + str;...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/01/22 12:0 a.m.28 views

BitDefender Client Log Creation Functionality Format String

The version of BitDefender installed on the remote host fails to sanitize scan job settings of format strings. By leveraging this flaw, a local attacker may be able to crash the antivirus application or possibly even gain complete control of the affected system. C Tenable Network Security, Inc...

7.2CVSS5.6AI score0.00411EPSS
Exploits0References3
securityvulns
securityvulns
added 2007/01/21 12:0 a.m.54 views

MOAB-20-01-2007: Apple iChat aim:// URL Handler Format String Vulnerability

Summary Description from the Wikipedia article: AOL Instant Messenger AIM, ICQ, .Mac and Jabber client for Mac OS X. Using a Jabber-like protocol and Bonjour for user discovery, it also allows for LAN communication. iChat's AIM support is fully endorsed by AOL, and uses their official...

1AI score
Exploits0
securityvulns
securityvulns
added 2007/01/21 12:0 a.m.50 views

Apple iChat format string vulnerability

Format string vulnerability on aim:// URI parsing...

7.5CVSS3.2AI score0.22974EPSS
Exploits1References1Affected Software1
securityvulns
securityvulns
added 2007/01/21 12:0 a.m.45 views

Colloquy IRC client multiple format string vulnerabilities

Multiple format string vulnerabilities, e.g. invite IRC command...

7.5CVSS2.1AI score0.06558EPSS
Exploits1References1Affected Software1
securityvulns
securityvulns
added 2007/01/21 12:0 a.m.31 views

MOAB-16-01-2007: Multiple Colloquy IRC Format String Vulnerabilities

Summary Traditionally, chat clients on the Mac have been anything but glamorous. Colloquy is an advanced IRC & SILC client which aims to fill this void. By adhering to Mac OS X interface conventions, Colloquy has the look and feel of a quality Mac application. By making a common mistake the...

7.5AI score
Exploits0
0day.today
0day.today
added 2007/01/21 12:0 a.m.27 views

Apple iChat 3.1.6 v441 aim:// URL Handler Format String Exploit PoC

Exploit for macOS platform in category dos / poc =================================================================== Apple iChat 3.1.6 v441 aim:// URL Handler Format String Exploit PoC =================================================================== MOAB-20-01-2007 function boom var str = '';...

7AI score
Exploits0
securityvulns
securityvulns
added 2007/01/21 12:0 a.m.42 views

MOAB-02-01-2007: VLC Media Player udp:// Format String Vulnerability

Summary The following description of the software is provided by vendor VideoLAN: VideoLAN is a software project, which produces free software for video, released under the GNU General Public License. The main product is the cross-platform VLC media player. The VLC media player is a highly portab...

Exploits0
Exploit DB
Exploit DB
added 2007/01/21 12:0 a.m.49 views

Apple iChat 3.1.6 441 - 'aim://' URL Handler Format String (PoC)

MOAB-20-01-2007 function boom var str = ''; for var i = 0; i milw0rm.com 2007-01-21...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2007/01/20 12:0 a.m.29 views

MOAB-16-01-2007.rb.txt

!/usr/bin/ruby c Copyright 2006 Lance M. Havok Makes use of the Colloquy INVITE format string vulnerability. require 'socket' targetchannel = ARGV0 || "whatever" targetserver = ARGV1 || "irc.server.org" targetport = ARGV2 || 6667 randnick = "spongebo" channeljoined = false readytogo = false...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2007/01/20 12:0 a.m.37 views

BitDefender client format string vulnerability

Format string vulnerability on scan settings logging...

7.2CVSS1.6AI score0.00411EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2007/01/20 12:0 a.m.32 views

Layered Defense Research Advisory: BitDefender Client 8.02 Format String Vulnerability

================================================ Layered Defense Research Advisory 18 January 2007 ================================================ 1 Affected Software BitDefender Client Professional Plus build 8.02 ================================================ 2 Severity Rating: Low risk...

7.3AI score
Exploits0
Prion
Prion
added 2007/01/19 11:28 p.m.17 views

Format string

Format string vulnerability in the log creation functionality of BitDefender Client Professional Plus 8.02 allows attackers to execute arbitrary code via certain scan job settings...

7.2CVSS7.7AI score0.00411EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2007/01/19 11:28 p.m.16 views

CVE-2007-0391

Format string vulnerability in the log creation functionality of BitDefender Client Professional Plus 8.02 allows attackers to execute arbitrary code via certain scan job settings...

7.2CVSS7.5AI score0.00411EPSS
Exploits0References6
CVE
CVE
added 2007/01/19 11:0 p.m.48 views

CVE-2007-0391

BitDefender Client Professional Plus 8.02 is affected by a format-string vulnerability in the log-creation functionality. An attacker could leverage this flaw via certain scan job settings to execute arbitrary code or take control of the affected system. The description and references across NVD/...

7.2CVSS7.5AI score0.00411EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2007/01/19 11:0 p.m.22 views

CVE-2007-0391

Format string vulnerability in the log creation functionality of BitDefender Client Professional Plus 8.02 allows attackers to execute arbitrary code via certain scan job settings...

7.5AI score0.00411EPSS
Exploits0References6
NVD
NVD
added 2007/01/18 2:28 a.m.15 views

CVE-2007-0344

Multiple format string vulnerabilities in 1 invitedToRoom: and 2 invitedToDirectChat: in Colloquy 2.1 and earlier allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via format string specifiers in the channel name of an INVITE request, relate...

7.5CVSS7.6AI score0.06558EPSS
Exploits1References6
NVD
NVD
added 2007/01/18 2:28 a.m.10 views

CVE-2007-0338

Heap-based buffer overflow in Dream FTP Server allows remote attackers to execute arbitrary code via a USER command with a large number of format string specifiers, which triggers the overflow during processing of the Server Log...

7.5CVSS8.1AI score0.04705EPSS
Exploits0References3
Rows per page
Query Builder