Lucene search
K

9603 matches found

0day.today
0day.today
added 2005/01/04 12:0 a.m.128 views

phpBB <= 2.0.10 Bot Install (Altavista) (ssh.D.Worm)

Exploit for unknown platform in category web applications ==================================================== phpBB / $ae= s//$1/; $uber=$1; $uber = s/ //g; $uber = s///g; $uber = s///g; $uber = s/wb...

7.1AI score
Exploits0
NVD
NVD
added 2004/11/03 5:0 a.m.18 views

CVE-2004-0216

Integer overflow in the Install Engine inseng.dll for Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious website or HTML email with a long .CAB file name, which triggers the integer overflow when calculating a buffer length and leads to a heap-bas...

10CVSS7.8AI score0.48671EPSS
Exploits0References15
CVE
CVE
added 2004/10/16 4:0 a.m.62 views

CVE-2004-0216

CVE-2004-0216 is an Install Engine vulnerability in Internet Explorer (inseng.dll) affecting IE 5.01, 5.5, and 6. It enables remote code execution when a user opens a malicious website or HTML email containing a long CAB file name, triggering an integer/buffer length overflow in the Install Engin...

10CVSS8AI score0.48671EPSS
Exploits0References15Affected Software2
CERT
CERT
added 2004/10/13 12:0 a.m.53 views

Microsoft Internet Explorer Install Engine contains a buffer overflow vulnerability

Overview The Active Setup Install Engine in Microsoft Internet Explorer contains a buffer overflow vulnerability. This may allow an attacker to take complete control of a vulnerable system. Description The Active Setup Install Engine inseng.dll permits cabinet files to be launched and executed...

10CVSS7.4AI score0.48671EPSS
Exploits0References2
Cvelist
Cvelist
added 2004/09/24 4:0 a.m.24 views

CVE-2004-0907

The Linux install .tar.gz archives for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8, create certain files with insecure permissions, which could allow local users to overwrite those files and execute arbitrary code...

6.8AI score0.00421EPSS
Exploits0References4
Cvelist
Cvelist
added 2004/09/14 4:0 a.m.31 views

CVE-2004-0841

Internet Explorer 6.x allows remote attackers to install arbitrary programs via mousedown events that call the Popup.show method and use drag-and-drop actions in a popup window, aka "HijackClick 3" and the "Script in Image Tag File Download Vulnerability."...

7.5AI score0.48733EPSS
Exploits1References17
Tenable Nessus
Tenable Nessus
added 2004/08/27 12:0 a.m.9 views

AIX 5.2 : IY50452

The remote host is missing AIX Critical Security Patch number IY50452 lqueryvg can fail for Bigvg. You should install this patch for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc';...

5.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/08/27 12:0 a.m.14 views

AIX 5.2 : IY35509

The remote host is missing AIX Critical Security Patch number IY35509 SECURITY: perfvmmstat extension privilege errors. You should install this patch for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0;...

5.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.12 views

Linux Software Detection Application Install (via Splunk): completed install or update

Binary data 710017.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.13 views

Windows Software Detection Application Install (via Splunk): code 7045

Binary data 710047.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.8 views

Windows Software Detection Application Install (via Splunk): code 1033

Binary data 710006.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/07/25 12:0 a.m.30 views

SUSE-SA:2003:037: pine

The remote host is missing the patch for the advisory SUSE-SA:2003:037 pine. The well known and widely used mail client pine is vulnerable to a buffer overflow. The vulnerability exists in the code processing 'message/external-body' type messages. It allows remote attackers to execute arbitrary...

7.5CVSS6.5AI score0.12579EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2004/07/25 12:0 a.m.14 views

SUSE-SA:2003:024: openssl

The remote host is missing the patch for the advisory SUSE-SA:2003:024 openssl. Researchers from the University of Stanford have discovered certain weaknesses in OpenSSL's RSA decryption algorithm. It allows remote attackers to compute the private RSA key of a server by observing its timing...

5.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/07/25 12:0 a.m.16 views

SUSE-SA:2002:048: cyrus-imapd

The remote host is missing the patch for the advisory SUSE-SA:2002:048 cyrus-imapd. The cyrus imapd contains a buffer overflow which could be exploited by remote attackers prior to logging in. Attackers could generate oversized error messages and overflow buffers inside imapd. Additionally to thi...

5.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/07/25 12:0 a.m.33 views

SuSE-SA:2004:013: cvs

The remote host is missing the patch for the advisory SuSE-SA:2004:013 cvs. The Concurrent Versions System CVS offers tools which allow developers to share and maintain large software projects. Stefan Esser reported buffer overflow conditions within the cvs program. They allow remote attackers to...

7.5CVSS6.4AI score0.67525EPSS
Exploits1References1
exploitpack
exploitpack
added 2004/07/24 12:0 a.m.15 views

PostNuke 0.7x - Install Script Administrator Password Disclosure

PostNuke 0.7x - Install Script Administrator Password Disclosure source: https://www.securityfocus.com/bid/10793/info It is reported that PostNuke may disclose administrator authentication credentials to remote attackers. This issue presents itself because the application fails to remove the...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2004/07/24 12:0 a.m.27 views

PostNuke 0.7x - Install Script Administrator Password Disclosure

source: https://www.securityfocus.com/bid/10793/info It is reported that PostNuke may disclose administrator authentication credentials to remote attackers. This issue presents itself because the application fails to remove the install script 'install.php' after installation. This can allow an...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/07/23 12:0 a.m.17 views

Solaris 9 (sparc) : 116559-01

SunOS 5.9: powerd pmconfig patch. Date this patch was last updated by Sun : Jul/16/04 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/07/12 12:0 a.m.7 views

Solaris 7 (x86) : 110071-01

SunOS 5.7x86: security: libcurses:setupterm has buffer overflow. Date this patch was last updated by Sun : Mar/09/01 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network...

0.2AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/07/12 12:0 a.m.24 views

Solaris 2.5.1 (x86) : 111282-01

SunOS 5.5.1x86: finger doesn't always correctly match NULL userna. Date this patch was last updated by Sun : Jun/15/01 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network...

7.3AI score
Exploits0References1
Rows per page
Query Builder