107 matches found
CVE-2008-3074
The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" exclamation point shell metacharacter in 1 the filename of a tar archive and possibly 2 the filename of the first file in a tar archive, which is not properly...
CVE-2008-3075
The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" exclamation point shell metacharacter in 1 the filename of a ZIP archive and possibly 2 the filename of the first file in a ZIP archive, which is not properly...
Information disclosure
The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" exclamation point shell metacharacter in 1 the filename of a tar archive and possibly 2 the filename of the first file in a tar archive, which is not properly...
CVE-2008-3074
The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" exclamation point shell metacharacter in 1 the filename of a tar archive and possibly 2 the filename of the first file in a tar archive, which is not properly...
DEBIAN-CVE-2008-3074
The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" exclamation point shell metacharacter in 1 the filename of a tar archive and possibly 2 the filename of the first file in a tar archive, which is not properly...
CVE-2008-3074
The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" exclamation point shell metacharacter in 1 the filename of a tar archive and possibly 2 the filename of the first file in a tar archive, which is not properly...
CVE-2008-3074
CVE-2008-3074 affects Vim 7.0–7.2 (including 7.2a.10) via the shellescape vulnerability in the Vim TAR plugin (tar.vim, v.10–v.22). The root cause is linked to an incomplete fix for CVE-2008-2712, sharing the same underlying issue as CVE-2008-3075. The described impact allows user‑assisted attack...
CVE-2008-3074
The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" exclamation point shell metacharacter in 1 the filename of a tar archive and possibly 2 the filename of the first file in a tar archive, which is not properly...
Gentoo Security Advisory GLSA 200409-13 (lha)
The remote host is missing updates announced in advisory GLSA 200409-13. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 200409-13 (lha)
The remote host is missing updates announced in advisory GLSA 200409-13. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
openmotif21 stack overflows in libxpm
Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include 1 multiple integer overflows, 2 out-of-bounds memory accesses, 3 directory traversal, 4 shell metacharacter, 5 endless loops, and 6 memory leaks, which could allow remote attackers to obtain...
Code injection
Multiple unspecified scripts in mIRC allow user-assisted remote attackers to execute arbitrary code via the '|' pipe shell metacharacter in the name of the song in a .mp3 file...
Code injection
The mIRC Control Plug-in for Winamp allows user-assisted remote attackers to execute arbitrary code via the '|' pipe shell metacharacter in the name of the song in a .mp3 file...
CVE-2007-4403
The mIRC Control Plug-in for Winamp allows user-assisted remote attackers to execute arbitrary code via the '|' pipe shell metacharacter in the name of the song in a .mp3 file...
CVE-2007-4402
Multiple unspecified scripts in mIRC allow user-assisted remote attackers to execute arbitrary code via the '|' pipe shell metacharacter in the name of the song in a .mp3 file...
CVE-2007-4402
CVE-2007-4402 affects mIRC. The vulnerability enables user-assisted remote code execution by crafting the name of an mp3 file to include the '|' (pipe) shell metacharacter, taking advantage of multiple unspecified scripts that process the filename. Root cause: shell metacharacter handling in the ...
AFFLIB(TM): Multiple Shell Metacharacter Injections
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Virtual Security Research, LLC. http://www.vsecurity.com/ Security Advisory - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: Multiple Shell Metacharacter Injections in AFFLIB Release Date: 2007-04-27...
Debian DSA-866-1 : mozilla - several vulnerabilities
Several security-related problems have been discovered in Mozilla and derived programs. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2005-2871 Tom Ferris discovered a bug in the IDN hostname handling of Mozilla that allows remote attackers to cause a...
TWiki TWikiUsers - INCLUDE Function Arbitrary Command Execution
TWiki TWikiUsers - INCLUDE Function Arbitrary Command Execution source: https://www.securityfocus.com/bid/14960/info A remote command execution vulnerability affects the application. The revision control function of the TWikiUsers script uses the backtick shell metacharacter to construct a comman...
TWiki TWikiUsers - INCLUDE Function Arbitrary Command Execution
source: https://www.securityfocus.com/bid/14960/info A remote command execution vulnerability affects the application. The revision control function of the TWikiUsers script uses the backtick shell metacharacter to construct a command line. An attacker may use a specially crafted URI to execute...