7622 matches found

NVD
added 2004/01/20 5:0 a.m., 10 views

CVE-2004-0037

FirstClass Desktop Client 7.1 allows remote attackers to execute arbitrary commands via hyperlinks in FirstClass RTF messages...

7.5 CVSS, 7.7 AI score, 0.01079 EPSS
Exploits: 0, References: 6

RedHat Linux
added 2004/01/14 1:9 p.m., 4 views

Important: Red Hat Security Advisory: : Updated kdepim packages resolve security vulnerability

Updated kdepim packages are now available that fix a local buffer overflow vulnerability. The K Desktop Environment (KDE) is a graphical desktop for the X Window System. The KDE Personal Information Management (kdepim) suite helps you to organize your mail, tasks, appointments, and contacts. The KDE...

7.5 CVSS, 6.3 AI score, 0.07687 EPSS
Exploits: 0, References: 1

Debian
added 2004/01/12 10:40 a.m., 23 views

[SECURITY] [DSA 420-1] New jitterbug packages fix arbitrary command execution

Debian Security Advisory DSA 420-1 [email protected] http://www.debian.org/security/ Martin Schulze January 12th, 2004 http://www.debian.org/security/faq ...

7.5 CVSS, 0.9 AI score, 0.00962 EPSS
Exploits: 0

securityvulns
added 2004/01/12 12:0 a.m., 34 views

[Full-Disclosure] [SECURITY] [DSA 420-1] New jitterbug packages fix arbitrary command execution

Debian Security Advisory DSA 420-1 [email protected] http://www.debian.org/security/ Martin Schulze January 12th, 2004 http://www.debian.org/security/faq ...

7.5 CVSS, 1.2 AI score, 0.00962 EPSS
Exploits: 0

Tenable Nessus
added 2003/12/29 12:0 a.m., 28 views

PHP-Ping php-ping.php count Parameter Arbitrary Command Execution

The remote host appears to be running 'php-ping.php' from TheWorldsEnd.NET. The remote version of this script does not properly sanitize the 'count' parameter and allows attackers to execute arbitrary commands or read arbitrary files on the remote host subject to the privileges of the web server...

5.8 AI score
Exploits: 0

Exploit DB
added 2003/12/18 12:0 a.m., 19 views

SiteInteractive Subscribe Me - 'Setup.pl' Arbitrary Command Execution

source: https://www.securityfocus.com/bid/9253/info It has been reported that the SiteInteractive Subscribe Me setup.pl script lacks sufficient sanitization on user-supplied URI parameters; an attacker may invoke this script remotely and by passing sufficient URI parameters may influence the...

7.4 AI score
Exploits: 0

exploitpack
added 2003/11/10 12:0 a.m., 13 views

OnlineArts DailyDose 1.1 - dose.pl Remote Command Execution

source: https://www.securityfocus.com/bid/9000/info It has been reported that DailyDose may be prone to a remote command execution vulnerability due to insufficient sanitization of $temp variable in dose.pl script. An attacker may submit...

0.2 AI score
Exploits: 0

exploitpack
added 2003/10/28 12:0 a.m., 9 views

kpopup 0.9.x - Privileged Command Execution

source: https://www.securityfocus.com/bid/8915/info It has been alleged that it is possible for local attackers to gain root privileges through kpopup, which is installed setuid root by default. According to the report, kpopup uses the system3...

0.6 AI score
Exploits: 0

securityvulns
added 2003/10/08 12:0 a.m., 39 views

ZH2003-28SA (security advisory): file inclusion vulnerability in PayPal Store Front

ZH2003-28SA security advisory: file inclusion vulnerability in PayPal Store Front Published: 08 October 2003 Name: PayPal Store Front Affected Versions: 3.0 and other versions? Vendor: http://www.muziqpakistan.net/taz/ Issue: file inclusion vulnerability Author: Astharot at Zone-H.org Description...

7.4 AI score
Exploits: 0

Tenable Nessus
added 2003/09/16 12:0 a.m., 102 views

OpenSSH < 3.7.1 Multiple Vulnerabilities

According to its banner, the remote SSH server is running a version of OpenSSH older than 3.7.1. Such versions are vulnerable to a flaw in the buffer management functions that might allow an attacker to execute arbitrary commands on this host. An exploit for this issue is rumored to exist. Note...

10 CVSS, 8.1 AI score, 0.26823 EPSS
Exploits: 11, References: 6

NVD
added 2003/09/07 4:0 a.m., 17 views

CVE-2003-0644

Kdbg 1.1.0 through 1.2.8 does not check permissions of the .kdbgrc file, which allows local users to execute arbitrary commands...

4.6 CVSS, 6.9 AI score, 0.00045 EPSS
Exploits: 0, References: 3

OSV
added 2003/08/18 12:0 a.m., 2 views

DSA-364-3 man-db - buffer overflows, arbitrary command execution

Bulletin has no description...

7 AI score
Exploits: 0

OSV
added 2003/08/04 12:0 a.m., 19 views

DSA-364 man-db - buffer overflows, arbitrary command execution

Bulletin has no description...

4.6 CVSS, 6.1 AI score, 0.00167 EPSS
Exploits: 0

CERT
added 2003/08/02 12:0 a.m., 25 views

Microsoft Internet Explorer and Outlook Express MHTML rendering engine incorrectly executes script in Local Computer Zone

Overview: There is an MHTML input validation vulnerability in Outlook Express that may lead to arbitrary command and code execution in the Local Computer Zone of a victim host. Description: Microsoft systems use components of Microsoft Outlook Express to render MHTML MIME Encapsulation of Aggregate...

7.5 CVSS, 7.5 AI score, 0.40449 EPSS
Exploits: 0, References: 6

securityvulns
added 2003/07/30 12:0 a.m., 37 views

[CLA-2003:711] Conectiva Security Announcement - mnogosearch

CONECTIVA LINUX SECURITY ANNOUNCEMENT. PACKAGE: mnogosearch. SUMMARY: Remote buffer overflow...

7.5 CVSS, 0.8 AI score, 0.12752 EPSS
Exploits: 1

Exploit DB
added 2003/06/13 12:0 a.m., 34 views

Adobe Acrobat Reader (UNIX) 5.0 6 / Xpdf 0.9x Hyperlinks - Arbitrary Command Execution

source: https://www.securityfocus.com/bid/7912/info A vulnerability has been reported for multiple PDF viewers for Unix variant operating systems. The problem is said to occur when hyperlinks have been enabled within the viewer. Allegedly, by placing a specially formatted hyperlink within a PDF...

7.4 AI score
Exploits: 0

exploitpack
added 2003/06/13 12:0 a.m., 11 views

Adobe Acrobat Reader (UNIX) 5.0 6 Xpdf 0.9x Hyperlinks - Arbitrary Command Execution

source: https://www.securityfocus.com/bid/7912/info A vulnerability has been reported for multiple PDF viewers for Unix variant operating systems. The problem is said to occur when hyperlinks have been enabled with...

0.9 AI score
Exploits: 0

Cvelist
added 2003/06/05 4:0 a.m., 26 views

CVE-2003-0354

Unknown vulnerability in GNU Ghostscript before 7.07 allows attackers to execute arbitrary commands, even when -dSAFER is enabled, via a PostScript file that causes the commands to be executed from a malicious print job...

7.2 AI score, 0.00825 EPSS
Exploits: 0, References: 5

Exploit DB
added 2003/05/30 12:0 a.m., 26 views

RedHat 9.0 / Slackware 8.1 - '/bin/mail' Carbon Copy Field Buffer Overrun

source: https://www.securityfocus.com/bid/7760/info A vulnerability has been discovered in the Linux /bin/mail utility. The problem occurs when processing excessive data within the carbon copy field. Due to insufficient bounds checking while parsing this information it may be possible to trigger ...

7.4 AI score
Exploits: 0

exploitpack
added 2003/05/30 12:0 a.m., 13 views

AIX 4.3.35.x - Getlvcb Command Line Argument Buffer Overflow (1)

source: https://www.securityfocus.com/bid/9905/info getlvcb has been reported to be prone to a buffer overflow vulnerability. When an argument is passed to the getlvcb utility, the string is copied into a reserved buffer in memory. Da...

0.4 AI score
Exploits: 0