3177 matches found
CVE-2009-2694
The msnslplinkprocessmsg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin formerly Gaim before 2.5.9 and Adium 1.3.5 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash by sending multiple...
Memory corruption
The msnslplinkprocessmsg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin formerly Gaim before 2.5.9 and Adium 1.3.5 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash by sending multiple...
CVE-2009-2694
The msnslplinkprocessmsg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin formerly Gaim before 2.5.9 and Adium 1.3.5 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash by sending multiple...
CVE-2009-2694
The msnslplinkprocessmsg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin formerly Gaim before 2.5.9 and Adium 1.3.5 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash by sending multiple...
CVE-2009-2661
The asn1length function in strongSwan 2.8 before 2.8.11, 4.2 before 4.2.17, and 4.3 before 4.3.3 does not properly handle X.509 certificates with crafted Relative Distinguished Names RDNs, which allows remote attackers to cause a denial of service pluto IKE daemon crash via malformed ASN.1 data...
CVE-2009-1844
Multiple cross-site scripting XSS vulnerabilities in Drupal 5.x before 5.18 and 6.x before 6.12 allow 1 remote authenticated users to inject arbitrary web script or HTML via crafted UTF-8 byte sequences that are treated as UTF-7 by Internet Explorer 6 and 7, which are not properly handled in the...
CVE-2009-1376
Multiple integer overflows in the msnslplinkprocessmsg functions in the MSN protocol handler in 1 libpurple/protocols/msn/slplink.c and 2 libpurple/protocols/msnp9/slplink.c in Pidgin formerly Gaim before 2.5.6 on 32-bit platforms allow remote attackers to execute arbitrary code via a malformed S...
CVE-2009-1381
The mapypalias function in functions/imapgeneral.php in SquirrelMail before 1.4.19-1 on Debian GNU/Linux, and possibly other operating systems and versions, allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program. NOT...
CVE-2009-1381
The mapypalias function in functions/imapgeneral.php in SquirrelMail before 1.4.19-1 on Debian GNU/Linux, and possibly other operating systems and versions, allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program. NOT...
pidgin incomplete fix for CVE-2008-2927
Multiple integer overflows in the msnslplinkprocessmsg functions in the MSN protocol handler in 1 libpurple/protocols/msn/slplink.c and 2 libpurple/protocols/msnp9/slplink.c in Pidgin formerly Gaim before 2.5.6 on 32-bit platforms allow remote attackers to execute arbitrary code via a malformed S...
DSA-1802-2 squirrelmail - incomplete fix
Bulletin has no description...
Integer overflow
Multiple buffer overflows in Cscope before 15.7a allow remote attackers to execute arbitrary code via long strings in input such as 1 source-code tokens and 2 pathnames, related to integer overflows in some cases. NOTE: this issue exists because of an incomplete fix for CVE-2004-2541...
CVE-2009-0148
Multiple buffer overflows in Cscope before 15.7a allow remote attackers to execute arbitrary code via long strings in input such as 1 source-code tokens and 2 pathnames, related to integer overflows in some cases. NOTE: this issue exists because of an incomplete fix for CVE-2004-2541...
DEBIAN-CVE-2009-0148
Multiple buffer overflows in Cscope before 15.7a allow remote attackers to execute arbitrary code via long strings in input such as 1 source-code tokens and 2 pathnames, related to integer overflows in some cases. NOTE: this issue exists because of an incomplete fix for CVE-2004-2541...
CVE-2009-0792
Multiple integer overflows in icc.c in the International Color Consortium ICC Format library aka icclib, as used in Ghostscript 8.64 and earlier and Argyll Color Management System CMS 1.0.3 and earlier, allow context-dependent attackers to cause a denial of service heap-based buffer overflow and...
Mandriva Update for ktorrent MDKSA-2007:095 (ktorrent)
Check for the Version of ktorrent OpenVAS Vulnerability Test Mandriva Update for ktorrent MDKSA-2007:095 ktorrent Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Mandriva Update for clamav MDVSA-2008:166 (clamav)
Check for the Version of clamav OpenVAS Vulnerability Test Mandriva Update for clamav MDVSA-2008:166 clamav Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
reporting CVE
Hello, CVE-2005-2573 is reported for MySQL 4.1.x before 4.1.13 and MySQL 5.0 before 5.0.7. However. I tested this vulnerability in MySQL 5.0.51a on Windows xp sp2, and found this version vulnerable too. According to CVE-2008-4098, that is reported because of an incomplete fix for CVE-2008-4097, i...
Ubuntu USN-726-2 (curl)
The remote host is missing an update to curl announced via advisory USN-726-2. OpenVAS Vulnerability Test $Id: ubuntu7262.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu7262.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-726-2 curl Authors: Thomas Reinke...
CVE-2008-3076
The Netrw plugin 125 in netrw.vim in Vim 7.2a.10 allows user-assisted attackers to execute arbitrary code via shell metacharacters in filenames used by the execute and system functions within the 1 mz and 2 mc commands, as demonstrated by the netrw.v2 and netrw.v3 test cases. NOTE: this issue...