4293 matches found
CVE-2003-0972
Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of ";" semicolon characters in escape sequences, which leads to a buffer overflow...
CVE-2003-0947
The CVE-2003-0947 entry concerns the wireless config tool iwconfig . A vulnerability exists where, if iwconfig is installed with setuid , a buffer overflow can occur via a long OUT environment variable, allowing local arbitrary code execution . The NVD metrics describe a HIGH base score with a LO...
DEBIAN-CVE-2003-0853
An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd...
CVE-2003-1140
Buffer overflow in Musicqueue 1.2.0 allows local users to execute arbitrary code via a long language variable in the configuration file...
CVE-2003-0771
Gallery.pm in Apache::Gallery aka A::G uses predictable temporary filenames when running Inline::C, which allows local users to execute arbitrary code by creating and modifying the files before Apache::Gallery does...
CVE-2003-0671
Format string vulnerability in tcpflow, when used in a setuid context, allows local users to execute arbitrary code via the device name argument, as demonstrated in Sustworks IPNetSentryX and IPNetMonitorX the setuid program RunTCPFlow...
CVE-2003-0232
Microsoft SQL Server 7, 2000, and MSDE allows local users to execute arbitrary code via a certain request to the Local Procedure Calls LPC port that leads to a buffer overflow...
Microsoft SQL Server local code execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake Inc. www.atstake.com Security Advisory Advisory Name: Microsoft SQL Server local code execution Release Date: 07/23/2003 Application: Microsoft SQL Server 7, 2000, MSDE Platform: Windows NT/2000/XP Severity: Local code execution / Denial of...
CVE-2003-0452
The CVE-2003-0452 issue affects the Operator Shell (OSH) up to version 1.7-11. A buffer overflow in OSH can be triggered by long environment variables or lengthy file redirections, enabling a local attacker to execute arbitrary code and bypass the shell’s restrictions. Public sources (including D...
CVE-2003-0390
Multiple buffer overflows in Options Parsing Tool OPT shared library 3.18 and earlier, when used in setuid programs, may allow local users to execute arbitrary code via long command line options that are fed into macros such as optwarn2, as used in functions such as optatoi...
CVE-2003-0390
Multiple buffer overflows in Options Parsing Tool OPT shared library 3.18 and earlier, when used in setuid programs, may allow local users to execute arbitrary code via long command line options that are fed into macros such as optwarn2, as used in functions such as optatoi...
Ifenslave 0.0.7 - Argument Local Buffer Overflow (1)
source: https://www.securityfocus.com/bid/7682/info ifenslave for Linux has been reported prone to a buffer overflow vulnerability. The issue is reportedly due to a lack of sufficient bounds checking performed on user-supplied data before it is copied into an internal memory space. It is possible...
Maelstrom Player 3.0.x - Argument Buffer Overflow (1)
source: https://www.securityfocus.com/bid/7632/info Maelstrom for Linux has been reported prone to a buffer overflow vulnerability. The issue is reportedly due to a lack of sufficient bounds checking performed on user-supplied data before it is copied into an internal memory space. It may be...
Maelstrom Player 3.0.x - Argument Buffer Overflow (2)
Maelstrom Player 3.0.x - Argument Buffer Overflow 2 // source: https://www.securityfocus.com/bid/7632/info Maelstrom for Linux has been reported prone to a buffer overflow vulnerability. The issue is reportedly due to a lack of sufficient bounds checking performed on user-supplied data before it ...
Maelstrom Server 3.0.x - Argument Buffer Overflow (1)
source: https://www.securityfocus.com/bid/7630/info Maelstrom for Linux has been reported prone to a buffer overflow vulnerability. The issue is reportedly due to a lack of sufficient bounds checking performed on user-supplied data before it is copied into an internal memory space. It may be...
SheerDNS < 1.0.1 Multiple Vulnerabilities
The remote server seems to be running SheerDNS 1.0.0 or older. This version is vulnerable to several flaws allowing : - A remote attacker to read certain files with predefined names A, PTR, CNAME, ... - A local attacker to read the first line of arbitrary files with the privileges of the DNS serv...
CVE-2001-1375
tcl/tk package tcltk 8.3.1 searches for its libraries in the current working directory before other directories, which could allow local users to execute arbitrary code via a Trojan horse library that is under a user-controlled directory...
CVE-2002-1051
Format string vulnerability in TrACESroute 6.0 GOLD aka NANOG traceroute allows local users to execute arbitrary code via the -T terminator command line argument...
CVE-2003-0004
Buffer overflow in the Windows Redirector function in Microsoft Windows XP allows local users to execute arbitrary code via a long parameter...
CVE-2003-0056
Buffer overflow in secure locate slocate before 2.7 allows local users to execute arbitrary code via a long 1 -c or 2 -r command line argument...