CNC Technology BizDB 1.0 - bizdb-search.cgi Remote Command Execution

CNC Technology BizDB 1.0 - bizdb-search.cgi Remote Command Execution source: https://www.securityfocus.com/bid/1104/info BizDB is a web databse integration product using perl CGI scripts. One of the scripts, bizdb-search.cgi, passes a variable's contents to an unchecked open call and can therefor...

FreeBSD-SA-00:01.make

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:01 Security Advisory FreeBSD, Inc. Topic: Insecure temporary file handling in make1 Category: core Module: make Announced: 2000-01-19 Affects: All versions before the...

PHP 3.0.13 - 'Safe_mode' Failure

source: https://www.securityfocus.com/bid/911/info PHP Version 3.0 is an HTML-embedded scripting language. Much of its syntax is borrowed from C, Java and Perl with a couple of unique PHP-specific features thrown in. The goal of the language is to allow web developers to write dynamically generat...

Microsoft JET 3.5/3.51/4.0 - VBA Shell

source: https://www.securityfocus.com/bid/548/info A vulnerability affects Microsoft's Jet 3.51 and 4.0 driver MSJET35.DLL and MSJET40.DLL. This vulnerability could allow an attacker to create malicious '.xls' or '.doc' files incorporating VBA shell commands. When the file is opened, the shell...