7628 matches found
[SECURITY] [DSA 957-2] New ImageMagick packages fix arbitrary command execution
Debian Security Advisory DSA 957-2 [email protected] http://www.debian.org/security/ Martin Schulze January 31st, 2006 http://www.debian.org/security/faq ...
Limbo CMS Multiple Vulnerabilities
The remote host is running Limbo CMS, a content-management system written in PHP. The remote version of this software is vulnerable to several flaws, including: - If register_globals is off and Limbo is configured to use a MySQL backend, then a SQL injection is possible due to improper sanitizatio...
[SECURITY] [DSA 957-1] New ImageMagick packages fix arbitrary command execution
Debian Security Advisory DSA 957-1 [email protected] http://www.debian.org/security/ Martin Schulze January 26th, 2006 http://www.debian.org/security/faq ...
CVE-2006-0225
scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice...
CVE-2006-0225
OpenSSH 4.2p1 scp is vulnerable to arbitrary command execution via filenames containing shell metacharacters or spaces, because such names are expanded twice during local-to-local copying. The impact is that a local attacker could cause arbitrary commands to execute with the privileges of the scp...
Ubuntu 4.10 / 5.04 / 5.10 : linux-source-2.6.8.1/-2.6.10/-2.6.12 vulnerabilities (USN-231-1)
Rudolf Polzer reported an abuse of the 'loadkeys' command. By redefining one or more keys and tricking another user like root into logging in on a text console and typing something that involves the redefined keys, a local user could cause execution of arbitrary commands with the privileges of th...
Mandrake Linux Security Advisory : lynx (MDKSA-2005:211)
An arbitrary command execution vulnerability was discovered in the lynx 'lynxcgi:' URI handler. An attacker could create a web page that redirects to a malicious URL which could then execute arbitrary code as the user running lynx. The updated packages have been patched to address this issue...
[VulnWatch] Fortinet Advisory - Apple QuickTime Player StripOffsets Improper Memory Access
Fortinet Security Advisory: FSA-2006-02 Apple QuickTime Player StripOffsets Improper Memory Access Advisory Date : January 12, 2006 Reported Date : November 28, 2005 Vendor : Apple computers Affected Products : Apple QuickTime Player v7.0.3 Severity : High Reference :...
[VulnWatch] Fortinet Security Advisory: "Apple QuickTime Player Improper Memory Access Vulnerability"
Fortinet Security Advisory: FSA-2006-04 Apple QuickTime Player Improper Memory Access Vulnerability Advisory Date : January 12, 2006 Reported Date : November 28, 2005 Vendor : Apple computers Affected Products : Apple QuickTime Player v7.0.3 Severity : High Reference :...
[VulnWatch] Fortinet Advisory: Apple QuickTime Player Color Map Entry Size Buffer Overflow
Fortinet Security Advisory: FSA-2006-06 Apple QuickTime Player Color Map Entry Size Buffer Overflow Advisory Date : January 12, 2006 Reported Date : November 28, 2005 Vendor : Apple computers Affected Products : Apple QuickTime Player v7.0.3 Severity : High Reference :...
[SECURITY] [DSA 933-1] New hylafax packages fix arbitrary command execution
Debian Security Advisory DSA 933-1 [email protected] http://www.debian.org/security/ Michael Stone January 9, 2006 http://www.debian.org/security/faq ...
DSA-933-1 hylafax - arbitrary command execution
Bulletin has no description...
Hylafax 4.14.2 (Multiple Scripts) - Remote Command Execution
Hylafax 4.14.2 Multiple Scripts - Remote Command Execution source: https://www.securityfocus.com/bid/16151/info HylaFAX is vulnerable to multiple arbitrary command-execution vulnerabilities. This issue is due to a failure in the application to properly sanitize user-supplied input. These...
EFileGo 3.0 - Multiple Input Validation Vulnerabilities
EFileGo 3.0 - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/16124/info eFileGo is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these...
CVE-2005-4793
Multiple unspecified vulnerabilities in the web utility function in Hitachi Cm2/Network Node Manager and JP1/Cm2/Network Node Manager before 20050930 allow attackers to execute arbitrary commands, disable services, and "exploit vulnerabilities."...
Windows WMF handling vulnerability
Added: 12/30/2005. CVE: CVE-2005-4560. BID: 16074. OSVDB: 21987. Background: A Windows Metafile (WMF) image is a 16-bit metafile format that can contain both vector information and bitmap information. Problem: A flaw in the way specially crafted WMF images are handled can allow arbitrary command executio...