Lucene search
K

8517 matches found

Cvelist
Cvelist
added 2006/05/16 10:0 a.m.19 views

CVE-2006-2409

Format string vulnerability in the raydiumlog function in console.c in Raydium before SVN revision 310 allows local users to execute arbitrary code via format string specifiers in the format parameter, which are not properly handled in a call to raydiumconsolelineadd...

7.2AI score0.00894EPSS
Exploits0References8
CVE
CVE
added 2006/05/16 10:0 a.m.32 views

CVE-2006-2409

CVE-2006-2409 affects Raydium prior to SVN revision 310, where a format string vulnerability in the raydium_log function (console.c) can allow local users to execute arbitrary code through format specifiers in the format parameter, not properly handled in a call to raydium_console_line_add. Affec...

4.6CVSS7.2AI score0.00894EPSS
Exploits0References8Affected Software1
securityvulns
securityvulns
added 2006/05/13 12:0 a.m.38 views

Multiple Raydium game engine security vulnerabilities

Buffer overflows, format string vulnerabilities, DoS conditions in both server and client parts...

3.1AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2006/05/13 12:0 a.m.26 views

[Full-disclosure] Multiple vulnerabilities in Raydium rev 309

Luigi Auriemma Application: Raydium http://raydium.org Versions: = SVN revision 309 newer versions can be vulnerable to some of the bugs which are still unfixed Platforms: Windows, nix, BSD and others Bugs: A buffer-overflow in raydiumlog and raydiumconsolelineadd B format string in raydiumlog C...

0.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/05/13 12:0 a.m.25 views

FreeBSD : gedit -- format string vulnerability (e319da0b-a228-11da-b410-000e0c2e438a)

Yan Feng reports a format string vulnerability in gedit. This vulnerability could cause a denial of service with a binary file that contains format string characters within the filename. It had been reported that web browsers and email clients can be configured to provide a filename as an argumen...

2.6CVSS5.4AI score0.07655EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2006/05/13 12:0 a.m.28 views

FreeBSD : perl, webmin, usermin -- perl format string integer wrap vulnerability (bb33981a-7ac6-11da-bf72-00123f589060)

The Perl Development page reports : Dyad Security recently released a security advisory explaining how in certain cases, a carefully crafted format string passed to sprintf can cause a buffer overflow. This buffer overflow can then be used by an attacker to execute code on the machine. This was...

7.5CVSS9AI score0.1448EPSS
Exploits3References7
Tenable Nessus
Tenable Nessus
added 2006/05/13 12:0 a.m.29 views

FreeBSD : evolution -- remote format string vulnerabilities (e5afdf63-1746-11da-978e-0001020eed82)

A SITIC Vulnerability Advisory reports : Evolution suffers from several format string bugs when handling data from remote sources. These bugs lead to crashes or the execution of arbitrary assembly language code. - The first format string bug occurs when viewing the full vCard data attached to an...

7.5CVSS5.6AI score0.04426EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2006/05/13 12:0 a.m.24 views

FreeBSD : libxine -- format string vulnerability (3bc5691e-38dd-11da-92f5-020039488e34)

Gentoo Linux Security Advisory reports : Ulf Harnhammar discovered a format string bug in the routines handling CDDB server response contents. An attacker could submit malicious information about an audio CD to a public CDDB server or impersonate a public CDDB server. When the victim plays this C...

7.5CVSS5.7AI score0.09676EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2006/05/13 12:0 a.m.21 views

FreeBSD : proftpd -- format string vulnerabilities (c28f4705-043f-11da-bc08-0001020eed82)

The ProFTPD release notes states : sean found two format string vulnerabilities, one in modsql's SQLShowInfo directive, and one involving the 'ftpshut' utility. Both can be considered low risk, as they require active involvement on the part of the site administrator in order to be exploited. Thes...

6.4CVSS5.5AI score0.09198EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2006/05/13 12:0 a.m.11 views

FreeBSD : weex -- remote format string vulnerability (d4c70df5-335d-11da-9c70-0040f42d58c6)

Emanuel Haupt reports : Someone who controls an FTP server that weex will log in to can set up malicious data in the account that weex will use, and that will cause a format string bug that will allow remote code execution. It will only happen when weex is first run or when its cache files are...

6AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2006/05/13 12:0 a.m.24 views

FreeBSD : SSH.COM SFTP server -- format string vulnerability (594ad3c5-a39b-11da-926c-0800209adf0e)

SSH Communications Security Corp reports a format string vulnerability in their SFTP server. This vulnerability could cause a user with SCP/SFTP access only to get permission to execute also other commands. It could also allow user A to create a special file that when accessed by user B allows us...

6.5CVSS5.6AI score0.10188EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2006/05/13 12:0 a.m.34 views

FreeBSD : xine -- multiple remote string vulnerabilities (8d4ae57d-d2ab-11da-a672-000e0c2e438a)

c0ntexb reports : There are 2 format string bugs in the latest version of Xine that could be exploited by a malicious person to execute code on the system of a remote user running the media player against a malicious playlist file. By passing a format specifier in the path of a file that is...

7.5CVSS5.9AI score0.14259EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2006/05/13 12:0 a.m.26 views

FreeBSD : clamav -- Multiple Vulnerabilities (6a5174bd-c580-11da-9110-00123ffe8333)

Secunia reports : Some vulnerabilities have been reported in ClamAV, which potentially can be exploited by malicious people to cause a DoS Denial of Service and compromise a vulnerable system. An unspecified integer overflow error exists in the PE header parser in 'libclamav/pe.c'. Successful...

10CVSS8.6AI score0.11352EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2006/05/13 12:0 a.m.32 views

FreeBSD : kpopup -- local root exploit and local denial of service (1613db79-8e52-11da-8426-000fea0a9611)

Mitre CVE reports : Format string vulnerability in main.cpp in kpopup 0.9.1-0.9.5pre2 allows local users to cause a denial of service segmentation fault and possibly execute arbitrary code via format string specifiers in command line arguments. misc.cpp in KPopup 0.9.1 trusts the PATH variable wh...

7.2CVSS6AI score0.01005EPSS
Exploits2References5
OSV
OSV
added 2006/05/05 7:2 p.m.7 views

CVE-2006-2230

Multiple format string vulnerabilities in xiTK xitk/main.c in xine 0.99.4 might allow attackers to cause a denial of service via format string specifiers in an MP3 filename specified on the command line. NOTE: this is a different vulnerability than CVE-2006-1905. In addition, if the only attack...

6.3AI score
Exploits0References4
UbuntuCve
UbuntuCve
added 2006/05/05 7:2 p.m.35 views

CVE-2006-2230

Multiple format string vulnerabilities in xiTK xitk/main.c in xine 0.99.4 might allow attackers to cause a denial of service via format string specifiers in an MP3 filename specified on the command line. NOTE: this is a different vulnerability than CVE-2006-1905. In addition, if the only attack...

5CVSS5.9AI score0.07095EPSS
Exploits0References1
NVD
NVD
added 2006/05/05 7:2 p.m.25 views

CVE-2006-2230

Multiple format string vulnerabilities in xiTK xitk/main.c in xine 0.99.4 might allow attackers to cause a denial of service via format string specifiers in an MP3 filename specified on the command line. NOTE: this is a different vulnerability than CVE-2006-1905. In addition, if the only attack...

5CVSS6.3AI score0.07095EPSS
Exploits0References4
Prion
Prion
added 2006/05/05 7:2 p.m.22 views

Format string

Multiple format string vulnerabilities in xiTK xitk/main.c in xine 0.99.4 might allow attackers to cause a denial of service via format string specifiers in an MP3 filename specified on the command line. NOTE: this is a different vulnerability than CVE-2006-1905. In addition, if the only attack...

5CVSS6.6AI score0.14259EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2006/05/05 7:2 p.m.2 views

DEBIAN-CVE-2006-2230

Multiple format string vulnerabilities in xiTK xitk/main.c in xine 0.99.4 might allow attackers to cause a denial of service via format string specifiers in an MP3 filename specified on the command line. NOTE: this is a different vulnerability than CVE-2006-1905. In addition, if the only attack...

5CVSS6.5AI score0.07095EPSS
Exploits0References1
Cvelist
Cvelist
added 2006/05/05 7:0 p.m.26 views

CVE-2006-2230

Multiple format string vulnerabilities in xiTK xitk/main.c in xine 0.99.4 might allow attackers to cause a denial of service via format string specifiers in an MP3 filename specified on the command line. NOTE: this is a different vulnerability than CVE-2006-1905. In addition, if the only attack...

6.2AI score0.07095EPSS
Exploits0References4
Rows per page
Query Builder