CVE-2005-4667

Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses a vulnerability, unless unzip is passed long...

CVE-2005-1965

CVE-2005-1965 is a PHP remote file inclusion in Siteframe’s siteframe.php (Broadpool Siteframe). The LOCAL_PATH parameter can be manipulated to cause the server to include arbitrary files and execute PHP code on the remote host. Affected component is siteframe.php; impact is remote code execution...

CVE-2005-0523

Format string vulnerability in ProZilla 1.3.7.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the Location header...

CVE-2005-1187

Heap-based buffer overflow in WinHex 12.05 SR-14, and possibly other versions, may allow attackers to execute arbitrary code via a long file name argument. NOTE: since this overflow is in the command line of an unprivileged program, it is highly likely that this is not a vulnerability...

AWStats 5.7 - 6.2 Multiple Remote Exploit

No description provided by source. / AWStats v5.7 - v6.2 sileAWSxpl This exploit utilize three methods for exploiter the vulnerability found on AWStats software. an user can execute remote code on vulnerable machine, with httpd privileges. References: www.securityfocus.org/bid/12543 coded by:...

[SECURITY] [DSA 684-1] New typespeed packages fix arbitrary group games code execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 684-1 [email protected] http://www.debian.org/security/ Martin Schulze February 16th, 2005 http://www.debian.org/security/faq -...

HP-UX PHCO_29010 : HP-UX Running shar(1), Local Execution of Arbitrary Code (HPSBUX00304 SSRT3639 rev.2)

s700800 11.11 shar1 patch : shar1 creates tmp files insecurely. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and patch checks in this plugin were extracted from HP patch PHCO29010. The text itself is copyright C Hewlett-Packard Development Company, L.P...

vBulletin 3.0.4 - 'forumdisplay.php' Code Execution (2)

fetcharray$forumusers == True , when you visit the forums, it must has at least one user show the forum. Fourth condition: magicquotesgpc must be OFF Vulnerable Systems: vBulletin version 3.0 up to and including version 3.0.4 Immune systems: vBulletin version 3.0.5 vBulletin version 3.0.6 / if...

[SECURITY] [DSA 663-1] New prozilla packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 663-1 [email protected] http://www.debian.org/security/ Martin Schulze February 1st, 2005 http://www.debian.org/security/faq -...

CVE-2005-0075

prefs.php in SquirrelMail before 1.4.4, with registerglobals enabled, allows remote attackers to inject local code into the SquirrelMail code via custom preference handlers...

Evolution: Integer overflow in camel-lock-helper

Background Evolution is a GNOME groupware application similar to Microsoft Outlook. Description Max Vozeler discovered an integer overflow in the camel-lock-helper application, which is installed as setgid mail by default. Impact A local attacker could exploit this vulnerability to execute...

CVE-2004-0998

Format string vulnerability in telnetd-ssl 0.17 and earlier allows remote attackers to execute arbitrary code...

CVE-2004-1315

viewtopic.php in phpBB 2.x before 2.0.11 improperly URL decodes the highlight parameter when extracting words and phrases to highlight, which allows remote attackers to execute arbitrary PHP code by double-encoding the highlight value so that special characters are inserted into the result, which...

CVE-2004-1491

Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry...

Debian DSA-164-1 : cacti - arbitrary code execution

A problem in cacti, a PHP based frontend to rrdtool for monitoring systems and services, has been discovered. This could lead into cacti executing arbitrary program code under the user id of the web server. This problem, however, is only persistent to users who already have administrator privileg...

[Full-Disclosure] Code Injection Vulnerability in pLog

I believe I have discovered a vulnerability in the open source blog software known as pLog. Register.php doesn't seem to check for script tags in the username or blog name fields in the account sign up form. This allows injection of potentially malicious code into the page. Since the names of blo...

WU-FTPD < 2.6.2 PASV Command Format String Arbitrary Code Execution

Binary data 1809.prm...

PuTTY: Pre-authentication arbitrary code execution

Background PuTTY is a free implementation of Telnet and SSH for Win32 and Unix platforms, along with an xterm terminal emulator. Description PuTTY contains a vulnerability allowing a malicious server to execute arbitrary code on the connecting client before host key verification. Impact When...

Fedora Core 1 : subversion-0.32.1-2 (2004-127)

Stefan Esser discovered an issue in the date parsing routines in Subversion which allows a buffer overflow. An attacker could send malicious requests to a Subversion server either Apache-based using moddavsvn, or using the svnserve daemon and perform arbitrary execution of code. The Common...

MS04-023: Vulnerability in HTML Help Could Allow Code Execution (840315)

The remote host is subject to two vulnerabilities in the HTML Help and showHelp modules that could allow an attacker to execute arbitrary code on the remote host. To exploit these flaws, an attacker would need to set up a rogue website containing a malicious showHelp URL, and would need to lure a...