Lucene search
+L

82 matches found

Prion
Prion
added 2013/02/08 8:55 p.m.37 views

Buffer overflow

Buffer overflow in the extendbuffers function in the regular expression matcher posix/regexec.c in glibc, possibly 2.17 and earlier, allows context-dependent attackers to cause a denial of service memory corruption and crash via crafted multibyte characters...

5CVSS7.3AI score0.02851EPSS
Exploits0References15Affected Software1
Cvelist
Cvelist
added 2013/02/08 8:0 p.m.25 views

CVE-2013-0242

Buffer overflow in the extendbuffers function in the regular expression matcher posix/regexec.c in glibc, possibly 2.17 and earlier, allows context-dependent attackers to cause a denial of service memory corruption and crash via crafted multibyte characters...

7.6AI score0.02851EPSS
Exploits0References15
Debian CVE
Debian CVE
added 2013/02/08 8:0 p.m.29 views

CVE-2013-0242

Buffer overflow in the extendbuffers function in the regular expression matcher posix/regexec.c in glibc, possibly 2.17 and earlier, allows context-dependent attackers to cause a denial of service memory corruption and crash via crafted multibyte characters...

5CVSS8.1AI score0.02851EPSS
Exploits0
NVD
NVD
added 2012/12/18 1:55 a.m.6 views

CVE-2012-5468

Heap-based buffer overflow in iconvert.c in the bogolexer component in Bogofilter before 1.2.3 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via an email containing a base64 string that is decoded to incomplete multibyte characters...

7.5CVSS7.9AI score0.06259EPSS
Exploits1References11
Cvelist
Cvelist
added 2012/12/18 1:0 a.m.22 views

CVE-2012-5468

Heap-based buffer overflow in iconvert.c in the bogolexer component in Bogofilter before 1.2.3 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via an email containing a base64 string that is decoded to incomplete multibyte characters...

7.8AI score0.06259EPSS
Exploits1References11
Debian CVE
Debian CVE
added 2012/12/18 1:0 a.m.55 views

CVE-2012-5468

Heap-based buffer overflow in iconvert.c in the bogolexer component in Bogofilter before 1.2.3 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via an email containing a base64 string that is decoded to incomplete multibyte characters...

7.5CVSS8AI score0.06259EPSS
Exploits1
OpenVAS
OpenVAS
added 2009/04/15 12:0 a.m.37 views

RedHat Security Advisory RHSA-2009:0337

The remote host is missing updates announced in advisory RHSA-2009:0337. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A heap-based buffer overflow flaw was found in PHP's mbstring extension. A remote attacker able to pass arbitrary input to a PHP scrip...

10CVSS0.7AI score0.08845EPSS
Exploits13References2
Tenable Nessus
Tenable Nessus
added 2009/03/13 12:0 a.m.29 views

GLSA-200903-27 : ProFTPD: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200903-27 ProFTPD: Multiple vulnerabilities The following vulnerabilities were reported: Percent characters in the username are not properly handled, which introduces a single quote character during variable substitution by modsql...

7.5CVSS7.9AI score0.77398EPSS
Exploits1References3
NVD
NVD
added 2009/02/12 4:30 p.m.19 views

CVE-2009-0543

ProFTPD Server 1.3.1, with NLS support enabled, allows remote attackers to bypass SQL injection protection mechanisms via invalid, encoded multibyte characters, which are not properly handled in 1 modsqlmysql and 2 modsqlpostgres...

6.8CVSS7.4AI score0.18722EPSS
Exploits0References7
Prion
Prion
added 2009/02/12 4:30 p.m.30 views

Sql injection

ProFTPD Server 1.3.1, with NLS support enabled, allows remote attackers to bypass SQL injection protection mechanisms via invalid, encoded multibyte characters, which are not properly handled in 1 modsqlmysql and 2 modsqlpostgres...

6.8CVSS8.2AI score0.18722EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2009/02/12 4:30 p.m.1 views

DEBIAN-CVE-2009-0543

ProFTPD Server 1.3.1, with NLS support enabled, allows remote attackers to bypass SQL injection protection mechanisms via invalid, encoded multibyte characters, which are not properly handled in 1 modsqlmysql and 2 modsqlpostgres...

6.8CVSS8.1AI score0.18722EPSS
Exploits0References1
OSV
OSV
added 2009/02/12 4:30 p.m.8 views

CVE-2009-0543

ProFTPD Server 1.3.1, with NLS support enabled, allows remote attackers to bypass SQL injection protection mechanisms via invalid, encoded multibyte characters, which are not properly handled in 1 modsqlmysql and 2 modsqlpostgres...

7.4AI score
Exploits0References7
Cvelist
Cvelist
added 2009/02/12 4:0 p.m.36 views

CVE-2009-0543

ProFTPD Server 1.3.1, with NLS support enabled, allows remote attackers to bypass SQL injection protection mechanisms via invalid, encoded multibyte characters, which are not properly handled in 1 modsqlmysql and 2 modsqlpostgres...

7.3AI score0.18722EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2009/02/12 4:0 p.m.49 views

CVE-2009-0543

ProFTPD Server 1.3.1, with NLS support enabled, allows remote attackers to bypass SQL injection protection mechanisms via invalid, encoded multibyte characters, which are not properly handled in 1 modsqlmysql and 2 modsqlpostgres...

6.8CVSS7.6AI score0.18722EPSS
Exploits0
OpenVAS
OpenVAS
added 2008/10/07 12:0 a.m.267 views

PHP < 5.2.6 Multiple Vulnerabilities (Aug 2008)

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; ifdescription...

10CVSS9.5AI score0.10918EPSS
Exploits7References8
RedHat Linux
RedHat Linux
added 2008/07/16 9:57 a.m.6 views

PHP multibyte shell escape flaw

The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars."...

10CVSS5.8AI score0.03102EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2008/07/16 9:36 a.m.6 views

PHP multibyte shell escape flaw

The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars."...

10CVSS5.8AI score0.03102EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2008/07/02 1:15 p.m.15 views

PHP multibyte shell escape flaw

The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars."...

10CVSS5.8AI score0.03102EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2007/10/15 12:0 a.m.25 views

Debian DSA-1386-1 : wesnoth - programming error

A problem has been discovered in the processing of chat messages. Overly long messages are truncated by the server to a fixed length, without paying attention to the multibyte characters. This leads to invalid UTF-8 on clients and causes an uncaught exception. Note that both wesnoth and the wesno...

7.8CVSS5.3AI score0.02105EPSS
Exploits0References2
Cvelist
Cvelist
added 2007/10/11 10:0 a.m.25 views

CVE-2007-3917

The multiplayer engine in Wesnoth 1.2.x before 1.2.7 and 1.3.x before 1.3.9 allows remote servers to cause a denial of service crash via a long message with multibyte characters that can produce an invalid UTF-8 string after it is truncated, which triggers an uncaught exception, involving the...

6.2AI score0.02105EPSS
Exploits0References13
Rows per page
Query Builder