7710 matches found
MOG-WebShop (index.php group) Remote SQL Injection Exploit
No description provided by source. !/usr/bin/perl Indonesian Newhack Security Advisory ------------------------------------ MOG-WebShop = ? - Multiple Remote SQL Injection Vulnerabilities Waktu : Dec 15 2007 11:45AM Software : MOG-WebShop | http://mog-site.com/index.php?act=product&po=detil&id=3...
SuSE 10 Security Update : clamav (ZYPP Patch Number 4169)
This is an update to ClamAV 0.91.2 to fix various bugs like NULL pointer dereferences and uninitialized variables etc. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
GNU Emacs: Multiple vulnerabilities
Background GNU Emacs is a highly extensible and customizable text editor. Description Drake Wilson reported that the hack-local-variables function in GNU Emacs 22 does not properly match assignments of local variables in a file against a list of unsafe or risky variables, allowing to override the...
CVE-2007-5900
PHP before 5.2.5 allows local users to bypass protection mechanisms configured through phpadminvalue or phpadminflag in httpd.conf by using iniset to modify arbitrary configuration variables, a different issue than CVE-2006-4625...
CVE-2007-5900
PHP before 5.2.5 allows local users to bypass protection mechanisms configured through phpadminvalue or phpadminflag in httpd.conf by using iniset to modify arbitrary configuration variables, a different issue than CVE-2006-4625...
CVE-2007-5900
PHP before 5.2.5 allows local users to bypass protection mechanisms configured through phpadminvalue or phpadminflag in httpd.conf by using iniset to modify arbitrary configuration variables, a different issue than CVE-2006-4625...
Talk about environment variables in the Hacking of use-vulnerability warning-the black bar safety net
This message has been sent to the Black hand of the tenth First, we first understand under what environment variables! Environment variable generally refers to in theoperating systemis used to specify theoperating systemthe operating environment of some parameters, such as the temporary folder...
Ubuntu 7.10 : emacs22 vulnerability (USN-541-1)
Drake Wilson discovered that Emacs did not correctly handle the safe mode of 'enable-local-variables'. If a user were tricked into opening a specially crafted file while 'enable-local-variables' was set to the non-default ':safe', a remote attacker could execute arbitrary commands with the user's...
Ubuntu 5.10 / 6.06 LTS / 6.10 : php5 vulnerabilities (USN-424-1)
Multiple buffer overflows have been discovered in various PHP modules. If a PHP application processes untrusted data with functions of the session or zip module, or various string functions, a remote attacker could exploit this to execute arbitrary code with the privileges of the web server...
Ubuntu 5.10 / 6.06 LTS / 6.10 : php5 regression (USN-424-2)
USN-424-1 fixed vulnerabilities in PHP. However, some upstream changes were not included, which caused errors in the stream filters. This update fixes the problem. We apologize for the inconvenience. Multiple buffer overflows have been discovered in various PHP modules. If a PHP application...
openSUSE 10 Security Update : emacs (emacs-4620)
The setting ':safe' of 'enable-local-variables' could be bypassed by specially crafted files CVE-2007-5795. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update emacs-4620. The text description of...
CVE-2007-5795
The hack-local-variables function in Emacs before 22.2, when enable-local-variables is set to :safe, does not properly search lists of unsafe or risky variables, which might allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file containing a...
Design/Logic Flaw
The hack-local-variables function in Emacs before 22.2, when enable-local-variables is set to :safe, does not properly search lists of unsafe or risky variables, which might allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file containing a...
CVE-2007-5795
The hack-local-variables function in Emacs before 22.2, when enable-local-variables is set to :safe, does not properly search lists of unsafe or risky variables, which might allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file containing a...
CVE-2007-5795
The hack-local-variables function in Emacs before 22.2, when enable-local-variables is set to :safe, does not properly search lists of unsafe or risky variables, which might allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file containing a...
CVE-2007-5682
Incomplete blacklist vulnerability in tiki-graphformula.php in TikiWiki before 1.9.8.2 allows remote attackers to execute arbitrary code by using variable functions and variable variables to write variables whose names match the whitelist, a different vulnerability than CVE-2007-5423...
S21SEC-038-en: Alcatel Omnivista 4760 Cross-Site Scripting
S21Sec Advisory - Title: Alcatel Omnivista 4760 Cross-Site Scripting ID: S21SEC-038-en Severity: Medium - History: 10.Jun.2007 Vulnerability discovered 20.Jun.2007 Vendor contacted 19.Oct.2007 Advisory released Authors: Juan de la Fuente Costa [email protected] Pablo Seijo Cajaraville...
CVE-2002-2278
Cross-site scripting XSS vulnerability in modsearch/index.php in PortailPHP 0.99 allows remote attackers to inject arbitrary web script or HTML via the 1 $AppTheme, 2 $RubSearch, 3 $RubNews, 4 $RubFile, 5 $RubLiens, or 6 $RubFaq variables...
openSUSE 10 Security Update : apparmor (apparmor-1842)
This update fixes security problems in the AppArmor confinment technology. Since it adds new flags to the profile syntax, you likely should review and adapt your profiles. - If a profile allowed unconfined execution 'ux' of a child binary it was possible to inject code via LDPRELOAD or similar...
IBM DB2 < 8 Fix Pack 15 / 9.x < 9 Fix Pack 3 Multiple Vulnerabilities
Binary data 4239.prm...