openSUSE Security Update : lynx (lynx-275)

This update of lynx fixes a security bug that can be exploited by remote attackers to execute arbitrary commands when advanced mode is enabled and lynx is used as URL handler CVE-2008-4690 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

openSUSE 10 Security Update : lynx (lynx-5720)

This update of lynx fixes a security bug that can be exploited by remote attackers to execute arbitrary commands when advanced mode is enabled and lynx is used as URL handler CVE-2008-4690 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

CVE-2008-4690

lynx 2.8.6dev.15 and earlier, when advanced mode is enabled and lynx is configured as a URL handler, allows remote attackers to execute arbitrary commands via a crafted lynxcgi: URL, a related issue to CVE-2005-2929. NOTE: this might only be a vulnerability in limited deployments that have define...

CVE-2008-4690

lynx 2.8.6dev.15 and earlier, when advanced mode is enabled and lynx is configured as a URL handler, allows remote attackers to execute arbitrary commands via a crafted lynxcgi: URL, a related issue to CVE-2005-2929. NOTE: this might only be a vulnerability in limited deployments that have define...

CVE-2008-4690

lynx 2.8.6dev.15 and earlier, when advanced mode is enabled and lynx is configured as a URL handler, allows remote attackers to execute arbitrary commands via a crafted lynxcgi: URL, a related issue to CVE-2005-2929. NOTE: this might only be a vulnerability in limited deployments that have define...

CVE-2008-4690

CVE-2008-4690 affects Lynx 2.8.6dev.15 and earlier when Advanced mode is enabled and Lynx is configured as a URL handler. A crafted lynxcgi: URL can allow remote attackers to execute arbitrary commands. The connected Nessus/Gentoo/OpenVAS advisories reference Lynx fixes and mitigations: patches w...

CVE-2008-4690

lynx 2.8.6dev.15 and earlier, when advanced mode is enabled and lynx is configured as a URL handler, allows remote attackers to execute arbitrary commands via a crafted lynxcgi: URL, a related issue to CVE-2005-2929. NOTE: this might only be a vulnerability in limited deployments that have define...

Format string

Format string vulnerability in Address Book in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via the URL handler...

CVE-2007-4708

Format string vulnerability in Address Book in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via the URL handler...

CVE-2007-4708

Format string vulnerability in Address Book in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via the URL handler...

CVE-2007-4708

CVE-2007-4708 is a format-string vulnerability in the Address Book component of Apple Mac OS X 10.4.11 that allows remote code execution via the URL handler. Public sources confirm the flaw affects Mac OS X 10.4.11 (and related Address Book/URL handling paths) and indicate that exploitation could...

Skype URL handler buffer overflow

Heap buffer overflow on skype4com URL handler...

KVIrc IRC client buffer overflow

Buffer overflow in irc:// URL handler...

MailCopa buffer overflow

Buffer overflow on oversized subject in mailto: URL handler...

Mac OS X Security Update 2007-001

The remote host is running a version of Mac OS X 10.3 or 10.4 which does not have Security Update 2007-001 applied. This update fixes a flaw in QuickTime which may allow a rogue website to execute arbitrary code on the remote host by exploiting an overflow in the RTSP URL handler. TRUSTED...

Apple iChat 3.1.6 v441 aim:// URL Handler Format String Exploit PoC

No description provided by source. !DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" html head titleMOAB-20-01-2007/title script function boom var str = ''; for var i = 0; i 20; i++ str = str + escape'A%n'; str = 'aim:gochat?roomname=' + str;...

Transmit.app <= 3.5.5 ftps:// URL Handler Heap Buffer Overflow PoC

No description provided by source. !DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" html head titleMOAB-19-01-2007/title script function boom var recipient = document.getElementById'testbox'; var str = ''; for var i = 0; i 408; i++ str = str + 'A' st...

MOAB-01-01-2007: Apple Quicktime rtsp URL Handler Stack-based Buffer Overflow

Summary The following description of the software is provided by vendor Apple: QuickTime 7 makes the future of video crystal clear with new features including user-friendly controls and pristine H.264 video. Upgrade to QuickTime 7 Pro and capture your own movies, then share them with friends and...

Apple iChat 3.1.6 v441 aim:// URL Handler Format String Exploit PoC

Exploit for macOS platform in category dos / poc =================================================================== Apple iChat 3.1.6 v441 aim:// URL Handler Format String Exploit PoC =================================================================== MOAB-20-01-2007 function boom var str = '';...

Apple iChat 3.1.6 441 - 'aim://' URL Handler Format String (PoC)

MOAB-20-01-2007 function boom var str = ''; for var i = 0; i milw0rm.com 2007-01-21...