Idera Up.time agent for Windows formatting string vulnerability

Idera Up.time client for Windows is a Windows-based infrastructure performance monitoring software client from Idera Corporation. A formatting string vulnerability exists in Idera Up.time client for Windows versions 6.0 and 7.2. A remote attacker can exploit this vulnerability by sending a...

Six Apart Movable Type Formatting String Vulnerability

Six Apart Movable Type MT is a blogging system from Six Apart, Inc. Pro, Open Source, and Advanced are the professional, open source, and advanced versions of the system, respectively. A formatting string vulnerability exists in Six Apart MT. A remote attacker could exploit this vulnerability to...

IBM DB2 DTS To String Conversion - Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11400/info IBM DB2 is reported prone to a denial of service vulnerability when DTS to string conversion is carried out. It is reported that during a DTS to string conversion a trap occurs if an empty formatting string is...

Fedora 19 : nas-1.9.3-7.fc19 (2013-17036)

This release fixes four security bugs: buffer overflow when parsing display number CVE-2013-4256, heap overflow when processing AUDIOHOST variable CVE-2013-4257, formatting string for syslog call CVE-2013-4258, and a race when opening a TCP device. Note that Tenable Network Security has extracted...

Fedora 20 : nas-1.9.3-9.fc20 (2013-16936)

This release fixes four security bugs: buffer overflow when parsing display number CVE-2013-4256, heap overflow when processing AUDIOHOST variable CVE-2013-4257, formatting string for syslog call CVE-2013-4258, and a race when opening a TCP device. Note that Tenable Network Security has extracted...

FreeBSD Ports: qpopper

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

IBM DB2 DTS To String Conversion - Denial of Service

IBM DB2 DTS To String Conversion - Denial of Service source: https://www.securityfocus.com/bid/11400/info IBM DB2 is reported prone to a denial of service vulnerability when DTS to string conversion is carried out. It is reported that during a DTS to string conversion a trap occurs if an empty...

IBM DB2 DTS To String Conversion - Denial of Service

source: https://www.securityfocus.com/bid/11400/info IBM DB2 is reported prone to a denial of service vulnerability when DTS to string conversion is carried out. It is reported that during a DTS to string conversion a trap occurs if an empty formatting string is provided. The vulnerability is...

Formatting string bug on cyrus-sasl library

This issue may be already have been on list. I assume that the moderator this case rejects this mail. On last non-beta version of cyrus-sasl library have formatting string bug on default logging callback. Default cyrys sasl logging callback is static int saslsyslogvoid context attributeunused, in...

CVE-2000-0442

Qpopper 2.53 and earlier allows local users to gain privileges via a formatting string in the From: header, which is processed by the euidl command...

CVE-2000-0442

Qpopper 2.53 and earlier allows local users to gain privileges via a formatting string in the From: header, which is processed by the euidl command...