Integer overflow

Integer overflow in the Open function in modules/demux/tta.c in VLC Media Player 0.8.6i allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted TTA file, which triggers a heap-based buffer overflow. NOTE: some of these details are...

CVE-2008-3732

VLC Media Player (version around 0.8.6i) is affected by CVE-2008-3732 due to an integer overflow in the Open() function (modules/demux/tta.c). This causes a heap-based buffer overflow that can lead to remote denial of service (crash) and potentially remote code execution when a crafted TTA file i...

GLSA-200807-13 : VLC: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200807-13 VLC: Multiple vulnerabilities Remi Denis-Courmont reported that VLC loads plugins from the current working directory in an unsafe manner CVE-2008-2147. Alin Rad Pop Secunia Research reported an integer overflow error in...

Integer overflow

Integer overflow in the Open function in modules/demux/wav.c in VLC Media Player 0.8.6h on Windows allows remote attackers to execute arbitrary code via a large fmt chunk in a WAV file...

CVE-2008-2430

Integer overflow in the Open function in modules/demux/wav.c in VLC Media Player 0.8.6h on Windows allows remote attackers to execute arbitrary code via a large fmt chunk in a WAV file...

CVE-2008-2430

CVE-2008-2430 affects VLC Media Player 0.8.6h on Windows via an integer overflow in the Open() function of modules/demux/wav.c when parsing a WAV fmt chunk that is too large. This vulnerability could allow remote code execution by luring a user to open a specially crafted WAV file. Related adviso...

kernel: Missing ioctl() permission checks in aacraid driver

The 1 aaccfgopen and 2 aaccompatioctl functions in the SCSI layer ioctl path in aacraid in the Linux kernel before 2.6.23-rc2 do not check permissions for ioctls, which might allow local users to cause a denial of service or gain privileges...

shadow: Privilege escalation

Background shadow provides a set of utilities to deal with user accounts. Description When the mailbox is created in useradd, the "open" function does not receive the three arguments it expects while OCREAT is present, which leads to random permissions on the created file, before fchmod is...

CVE-2006-1174

useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the...

CVE-2006-1174

useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the...

FreeBSD : awstats -- arbitrary command execution vulnerability (2df297a2-dc74-11da-a22b-000c6ec775d9)

OS Reviews reports : If the update of the stats via web front-end is allowed, a remote attacker can execute arbitrary code on the server using a specially crafted request involving the migrate parameter. Input starting with a pipe character '|' leads to an insecure call to Perl's open function an...

AWStats migrate Parameter Arbitrary Command Execution

The remote host is running AWStats, a free logfile analysis tool written in Perl. The version of AWStats installed on the remote host fails to sanitize input to the 'migrate' parameter before passing it to a Perl 'open' function. Provided 'AllowToUpdateStatsFromBrowser' is enabled in the AWStats...

linux/x86 upload & exec 189 bytes

linux/x86 upload & exec 189 bytes. Shellcode exploit for linx86 platform UPLOAD & EXEC SHELLCODE 1 converting asm to hex 2 asm code 3 hex output 4 upload function This is an 'upload and exec' shellcode for the x86 platform. File has to be in executable format, cool if you know the distribution of...

The Includer CGI 1.0 - Remote Command Execution (2)

!/usr/bin/perl Target - The Includer CGI \n\n"; print " - Host name of taget.\n"; print " - If not in dir type / symbol.\n"; print " - command for execution.\n\n"; print " Examples:\n\n"; print " incl10.pl 127.0.0.1 /cgi-bin/ "ls -la"\n"; print " incl10.pl 127.0.0.1 / "uname -a"\n"; print "...

W3Mail 1.0.6 - File Disclosure

W3Mail 1.0.6 - File Disclosure source: https://www.securityfocus.com/bid/6170/info Versions of W3Mail 1.0.6 and greater are susceptible to a file disclosure vulnerability. To view attachments, the script "viewAttachment.cgi" accepts the parameter "file". The value of this parameter is passed to t...

CVE-1999-0322

Technical details such as affected products, vulnerable components, versions, root cause, or a confirmed fix are not publicly provided in the connected documents. Monitor for updates.

WEBgais 1.0 - websendmail Remote Command Execution

source: https://www.securityfocus.com/bid/2077/info WEBgais is a package that provides a web interface to the "gais" Global Area Intelligent Search search engine tool. This package contains a vulnerable script, websendmail, which can be used to execute arbitrary commands on the server with the...