CVE-2008-3931

javareconf in R 2.7.2 allows local users to overwrite arbitrary files via a symlink attack on temporary files...

CVE-2008-2666

Multiple directory traversal vulnerabilities in PHP 5.2.6 and earlier allow context-dependent attackers to bypass safemode restrictions by creating a subdirectory named http: and then placing ../ dot dot slash sequences in an http URL argument to the 1 chdir or 2 ftok function...

Database system security vulnerability excavations-vulnerability warning-the black bar safety net

Today, in the virus raging, hacking the ubiquitous network environment where software security has become a concern of the topic. Traditional software security main concern is that the permissions and roles of management, such as access control or data confidentiality and integrity, such as...

Moderate: htdig security update

3:3.2.0b6-4 - CVE-2007-6110...

[SECURITY] Fedora 8 Update: tomboy-0.8.1-3.fc8

Tomboy is a desktop note-taking application for Linux and Unix. Simple and easy to use, but with potential to help you organize the ideas and information y ou deal with every day. The key to Tomboy's usefulness lies in the ability to relate notes and ideas together. Using a WikiWiki-like linking...

BMP image parser vulnerability

The BMP image parser in Sun Java Development Kit JDK before 1.5.011-b03 and 1.6.x before 1.6.001-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.214 and earlier, and SDK and JRE 1.3.119 and earlier, when running on Unix/Linux systems,...

Hack of the classic tutorial of buffer overflow and decryption(a)-vulnerability warning-the black bar safety net

The buffer overflow weakness was born in the 7 0's. Morris Worm8 0'scan be considered their first public application. From the 9 0's, related document, such as the famous Aleph1's”Smashing the Stack for Fun and Profit”and code has been on the Internet disclosed. This article is about some need to...

lighttpd -- FastCGI header overrun in mod_fastcgi

lighttpd maintainer reports: Lighttpd is prone to a header overflow when using the modfastcgi extension, this can lead to arbitrary code execution in the fastcgi application. For a detailed description of the bug see the external reference. This bug was found by Mattias Bengtsson and Philip Olaus...

krb5 kadmind uninitialized pointer

No description is available for this CVE...

BMP image parser vulnerability

The BMP image parser in Sun Java Development Kit JDK before 1.5.011-b03 and 1.6.x before 1.6.001-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.214 and earlier, and SDK and JRE 1.3.119 and earlier, when running on Unix/Linux systems,...

WebCalendar -- "noSet" variable overwrite vulnerability

Secunia reports: A vulnerability has been discovered in WebCalendar, which can be exploited by malicious people to compromise a vulnerable system. Input passed to unspecified parameters is not properly verified before being used with the "noSet" parameter set. This can be exploited to overwrite...

CVE-2007-0387

SQL injection vulnerability in models/category.php in the Weblinks component for Joomla! SVN 20070118 comweblinks allows remote attackers to execute arbitrary SQL commands via the catid parameter...

SAP Internet Graphics Server远程缓冲区溢出漏洞

SAP Internet Graphics Server是SAP R/3企业环境的一个组件，可提供图形服务。 SAP Internet Graphics Server不正确处理用户提交的HTTP请求，远程攻击者可以利用漏洞进行缓冲区溢出攻击，可能以进程权限执行任意指令。 目前没有详细漏洞细节提供，成功利用漏洞可导致在UNIX系统下获得SAP系统管理员特权，而在windows下可导致获得SYSTEM权限。 SAP Internet Graphics Server 6.40 Patch 11 SAP Internet Graphics Server 6.40 SAP Internet...

security flaw

Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a readonly attachment of shared memory by using mprotect to give write permission to the attachment. NOTE: some original raw sources combined this issue with CVE-2006-1524, but they are different bug...

security flaw

No description is available for this CVE...

IDS evasion techniques and countermeasures detailed description-vulnerability warning-the black bar safety net

In the network thriving for a few days, the network security issues become increasingly prominent. Network on the Black, White two in the network security of the various fields are engaged in a fierce competition. The black hat community and constantly launch Dodge or across the networkintrusion...

CVE-2005-3117

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3150. Reason: This candidate was privately assigned by a CNA to an issue, but the issue was published through separate channels and assigned a new identifier by the MITRE CNA, so it is a duplicate of CVE-2005-3150. Notes: All...

CVE-2004-1032

fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to delete arbitrary files or create arbitrary empty files via a target filename with a large number of leading slash / characters such that fcronsighup does not properly append the intended fcrontab.sig to the...

CVE-2004-1617

Lynx, lynx-ssl, and lynx-cur before 2.8.6dev.8 allow remote attackers to cause a denial of service infinite loop via a web page or HTML email that contains invalid HTML including 1 a TEXTAREA tag with a large COLS value and 2 a large tag name in an element that is not terminated, as demonstrated ...

CVE-2004-1628

Removed by vendor...