8515 matches found
CVE-2005-3154
CVE-2005-3154 is a format-string vulnerability in BitDefender Antivirus logging functionality (versions 7.2–9). The flaw arises when printing logging information for file/directory names, allowing a remote attacker to trigger a denial of service and potentially execute arbitrary code. Related adv...
CVE-2005-3150
Format string vulnerability in the LogFlush function in Weex 2.6.1.5, 2.6.1, and possibly other versions allows remote FTP servers to execute arbitrary code via format strings in filenames...
SUSE-SA:2005:054: evolution
The remote host is missing the patch for the advisory SUSE-SA:2005:054 evolution. Several format string bugs allowed remote attackers to cause evolution to crash or even execute code via full vCard data, contact data from remote LDAP servers, task list data from remote servers CVE-2005-2549 or...
Debian DSA-841-1 : mailutils - format string vulnerability
A format string vulnerability has been discovered in GNU mailutils which contains utilities for handling mail that allows a remote attacker to execute arbitrary code on the IMAP server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin wer...
Mandrake Linux Security Advisory : evolution (MDKSA-2005:141)
Multiple format string vulnerabilities in Evolution 1.5 through 2.3.6.1 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via 1 full vCard data, 2 contact data from remote LDAP servers, or 3 task list data from remote servers. CVE-2005-2549 A format...
Mandrake Linux Security Advisory : proftpd (MDKSA-2005:140)
Two format string vulnerabilities were discovered in ProFTPD. The first exists when displaying a shutdown message containin the name of the current directory. This could be exploited by a user who creates a directory containing format specifiers and sets the directory as the current directory whe...
Slackware 10.0 / 10.1 / current : gxine format string vulnerability (SSA:2005-203-04)
New gxine packages are available for Slackware 10.0, 10.1, and -current to fix a format string security issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2005-203-04. The text itself i...
Debian DSA-826-1 : helix-player - multiple vulnerabilities
Multiple security vulnerabilities have been identified in the helix-player media player that could allow an attacker to execute code on the victim's machine via specially crafted network resources. - CAN-2005-1766 Buffer overflow in the RealText parser could allow remote code execution via a...
RHEL 4 : HelixPlayer (RHSA-2005:788)
The remote Redhat Enterprise Linux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2005:788 advisory. HelixPlayer is a media player. A format string bug was discovered in the way HelixPlayer processes RealPix .rp files. It is possible for a...
[SECURITY] [DSA 841-1] New mailutils packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 841-1 [email protected] http://www.debian.org/security/ Martin Schulze October 4th, 2005 http://www.debian.org/security/faq -...
DSA-841-1 mailutils - format string vulnerability
Bulletin has no description...
Weex format string bug
Format string bug in logging function...
[SA17028] Weex "log_flush()" Format String Vulnerability
TITLE: Weex "logflush" Format String Vulnerability SECUNIA ADVISORY ID: SA17028 VERIFY ADVISORY: http://secunia.com/advisories/17028/ CRITICAL: Less critical IMPACT: DoS, System access WHERE: From local network SOFTWARE: Weex 2.x http://secunia.com/product/5791/ DESCRIPTION: Emanuel Haupt has...
Multiple gopherd bugs
Integer overflows, format string bug in logging...
Helix Player / Real Player format string bug
Format string bugs on .rt / .rp files parsing...
[Full-disclosure] iDEFENSE Security Advisory 09.30.05: RealNetworks RealPlayer/HelixPlayer RealPix Format String Vulnerability
RealNetworks RealPlayer/HelixPlayer RealPix Format String Vulnerability iDEFENSE Security Advisory 09.30.05 www.idefense.com/application/poi/display?id=311&type=vulnerabilities September 30, 2005 I. BACKGROUND RealPlayer is an application for playing various media formats, developed by RealNetwor...
[SECURITY] [DSA 826-1] New helix-player packages fix multiple vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 826-1 [email protected] http://www.debian.org/security/ Michael Stone September 29th, 2005 http://www.debian.org/security/faq -...
[SECURITY] [DSA 826-1] New helix-player packages fix multiple vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 826-1 [email protected] http://www.debian.org/security/ Michael Stone September 29th, 2005 http://www.debian.org/security/faq -...
DSA-826-1 helix-player - multiple
Bulletin has no description...
Multiple antiviruses file scanning bypass and format string bug
It's possible to bypass file scanning by using special characters for example 01 in filename. Format string bug perenset while parsing filename in BitDefender...