CVE-2004-1469

Format string vulnerability in the log function in SUS 2.0.2, and other versions before 2.0.6, allows local users to execute arbitrary code via format string specifiers in a command line argument that is passed directly to syslog...

CVE-2004-2269

Stack-based buffer overflow in pads.c in Passive Asset Detection System Pads might allow local users to execute arbitrary code via a long report file name argument. NOTE: since Pads is not normally installed setuid, this may not be a vulnerability...

CVE-2004-2489

Format string vulnerability in IBM Informix Dynamic Server IDS before 9.40.xC3 allows local users to execute arbitrary code via a modified INFORMIXDIR environment variable that points to a file with format string specifiers in the filename...

CVE-2004-2552

Buffer overflow in XBoard 4.2.7 and earlier might allow local users to execute arbitrary code via a long -icshost command line argument. NOTE: since the program is not setuid and not normally called from remote programs, there may not be a typical attack vector for the issue that crosses privileg...

DEBIAN-CVE-2004-2552

Buffer overflow in XBoard 4.2.7 and earlier might allow local users to execute arbitrary code via a long -icshost command line argument. NOTE: since the program is not setuid and not normally called from remote programs, there may not be a typical attack vector for the issue that crosses privileg...

CVE-2004-1772

Stack-based buffer overflow in shar in GNU sharutils 4.2.1 allows local users to execute arbitrary code via a long -o command line argument...

Solaris 7/8/9 CDE LibDTHelp Local Buffer Overflow Exploit

Exploit for solaris platform in category local exploits ========================================================= Solaris 7/8/9 CDE LibDTHelp Local Buffer Overflow Exploit ========================================================= / $Id: raptorlibdthelp.c,v 1.1 2004/12/04 14:44:38 raptor Exp $...

Solaris 7/8/9 CDE LibDTHelp - Local Buffer Overflow (1)

/ $Id: raptorlibdthelp.c,v 1.1 2004/12/04 14:44:38 raptor Exp $ raptorlibdthelp.c - libDtHelp.so local, Solaris/SPARC 7/8/9 Copyright c 2003-2004 Marco Ivaldi Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via a modified DTHELPUSERSEARCHPATH environment...

CVE-2004-0834

Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via 1 modemrun, 2 pppoa2, or 3 pppoa3...

CVE-2004-1263

The CVE-2004-1263 issue affects ChangePassword 0.8. When installed setuid, local users can cause arbitrary code execution by manipulating the PATH to reference a malicious make program. The vulnerability stems from overriding PATH, allowing a locally executed, attacker-provided make to run with e...

DEBIAN-CVE-2004-0454

Buffer overflow in the msg function for rlpr daemon rlprd 2.04 allows local users to execute arbitrary code...

security flaw

The binfmtelf loader binfmtelf.c in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code...

CVE-2004-1352

Buffer overflow in the ping daemon of Sun Solaris 7 through 9 may allow local users to execute arbitrary code...

CVE-2004-0834

Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via 1 modemrun, 2 pppoa2, or 3 pppoa3...

security flaw

The 1 libsasl and 2 libsasl2 libraries in Cyrus-SASL 2.1.18 and earlier trust the SASLPATH environment variable to find all available SASL plug-ins, which allows local users to execute arbitrary code by modifying the SASLPATH to point to malicious programs...

CVE-2004-0643

Double free vulnerability in the krb5rdcred function for MIT Kerberos 5 krb5 1.3.1 and earlier may allow local users to execute arbitrary code...

Apple Mac OS X CoreFoundation contains a buffer overflow vulnerability

Overview There is a vulnerability in the Mac OS X CoreFoundation framework that could allow a local attacker to execute arbitrary code. Description The Core Foundation framework CoreFoundation.framework is designed to allow code and data sharing between frameworks, libraries, and applications in...

CVE-2002-1403

dhcpcd DHCP client daemon 1.3.22 and earlier allows local users to execute arbitrary code via shell metacharacters that are fed from a dhcpd .info script into a .exe script...

CVE-2003-0062

Buffer overflow in Eset Software NOD32 for UNIX before 1.013 allows local users to execute arbitrary code via a long path name...

CVE-2002-1349

Buffer overflow in pop3trap.exe for PC-cillin 2000, 2002, and 2003 allows local users to execute arbitrary code via a long input string to TCP port 110 POP3...