Ubuntu 7.10 / 8.04 LTS : yelp vulnerability (USN-638-1)

Aaron Grattafiori discovered that the Gnome Help Viewer did not handle format strings correctly when displaying certain error messages. If a user were tricked into opening a specially crafted URI, a remote attacker could execute arbitrary code with user privileges. Note that Tenable Network...

USN-638-1: Yelp vulnerability

Aaron Grattafiori discovered that the Gnome Help Viewer did not handle format strings correctly when displaying certain error messages. If a user were tricked into opening a specially crafted URI, a remote attacker could execute arbitrary code with user privileges...

Stack overflow

Stack-based buffer overflow in Foxit Reader before 2.3 build 2912 allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file, related to the util.printf JavaScript function and floating point specifiers in format strings...

CVE-2008-1104

Stack-based buffer overflow in Foxit Reader before 2.3 build 2912 allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file, related to the util.printf JavaScript function and floating point specifiers in format strings...

CVE-2008-1658

Format string vulnerability in the grant helper polkit-grant-helper.c in PolicyKit 0.7 and earlier allows attackers to cause a denial of service crash and possibly execute arbitrary code via format strings in a password...

Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : evolution vulnerability (USN-583-1)

Ulf Harnhammar discovered that Evolution did not correctly handle format strings when processing encrypted emails. A remote attacker could exploit this by sending a specially crafted email, resulting in arbitrary code execution. Note that Tenable Network Security has extracted the preceding...

USN-583-1: Evolution vulnerability

Ulf Harnhammar discovered that Evolution did not correctly handle format strings when processing encrypted emails. A remote attacker could exploit this by sending a specially crafted email, resulting in arbitrary code execution...

Debian Security Advisory DSA 943-1 (perl)

The remote host is missing an update to perl announced via advisory DSA 943-1. Jack Louis discovered an integer overflow in Perl, Larry Wall's Practical Extraction and Report Language, that allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via specially crafted...

Debian: Security Advisory (DSA-584-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-139)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 6.06 LTS / 6.10 : evolution vulnerability (USN-442-1)

Ulf Harnhammar of Secunia Research discovered that Evolution did not correctly handle format strings when displaying shared memos. If a remote attacker tricked a user into viewing a specially crafted shared memo, they could execute arbitrary code with user privileges. Note that Tenable Network...

Fedora 7 : vavoom-1.24-3.fc7 (2007-1977)

Security update fixing various format strings vulnerabilities and a DOS vulnerability in the vavoom server, this fixes: CVE-2007-4533, CVE-2007-4534 & CVE-2007-4535. Also see bugzilla bug 256621. Note that Tenable Network Security has extracted the preceding description block directly from the...

USN-438-1: Inkscape vulnerability

A flaw was discovered in Inkscape's use of format strings. If a user were tricked into opening a specially crafted URI in Inkscape, a remote attacker could execute arbitrary code with user privileges...

Format string

Format string vulnerability in GnomeMeeting 1.0.2 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via format strings in the name, which is not properly handled in a call to the gnomemeetingloginsert function...

VLC media player: Format string vulnerability

Background VLC media player is a multimedia player for various audio and video formats. Description Kevin Finisterre has discovered that when handling media locations, various functions throughout VLC media player make improper use of format strings. Impact An attacker could entice a user to open...

CVE-2005-4817

Format string vulnerability in ui.c in Textbased MSN Client TMSNC before 0.2.5 allows attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors that cause format strings to be injected into the wprintw function...

DEBIAN-CVE-2006-6692

Multiple format string vulnerabilities in zabbix before 20061006 allow attackers to cause a denial of service application crash and possibly execute arbitrary code via format string specifiers in information that would be recorded in the system log using 1 zabbixlog or 2 zabbixsyslog...

Solaris locale Format Strings (noexec stack) Exploit

No description provided by source. / exploit for locale subsystem format strings bug In Solaris with noexec stack. Tested in Solaris 2.6/7.0 If it wont work, try adjust retloc offset. e.g. ./ex -o -4 $gcc -o ex ex.c ldd /usr/bin/passwd|sed -e 's/^.lib\0-9a-zA-Z\.so./-l\1/' usages: ./ex -h Thanks...

Linux eXtremail 1.5.x Remote Format Strings Exploit

No description provided by source. // / Linux eXtremail 1.5.x Remote Format Strings Exploit / / / / / / By B-r00t - 02/07/2003 / / / / Versions: Linux eXtremail-1.5-8 = VULNERABLE / / Linux eXtremail-1.5-5 = VULNERABLE / / Exploit uses format strings bug in fLog of smtpd to bind a / / r00tshell t...

wu-ftpd 2.6.0 Remote Format Strings Exploit

No description provided by source. / 12:40 11/10/00: Tool for either attack or defense within an information warfare setting. Rather, it is a small program demonstrating proof of concept. Default values for solaris 2.8 and inetd. If you are not the intended recipient, or a person responsible for...