DSA-364-3 man-db - buffer overflows, arbitrary command execution

Bulletin has no description...

DSA-364-2 man-db - buffer overflows, arbitrary command execution

Bulletin has no description...

DSA-364 man-db - buffer overflows, arbitrary command execution

Bulletin has no description...

Microsoft Internet Explorer and Outlook Express MHTML rendering engine incorrectly executes script in Local Computer Zone

Overview There is an MHTML input validation vulnerability in Outlook Express that may lead to arbitrary command and code execution in the Local Computer Zone of a victim host. Description Microsoft systems use components of Microsoft Outlook Express to render MHTML MIME Encapsulation of Aggregate...

[CLA-2003:711] Conectiva Security Announcement - mnogosearch

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- CONECTIVA LINUX SECURITY ANNOUNCEMENT - -------------------------------------------------------------------------- PACKAGE : mnogosearch SUMMARY : Remote buffer overflow...

Adobe Acrobat Reader (UNIX) 5.0 6 / Xpdf 0.9x Hyperlinks - Arbitrary Command Execution

source: https://www.securityfocus.com/bid/7912/info A vulnerability has been reported for multiple PDF viewers for Unix variant operating systems. The problem is said to occur when hyperlinks have been enabled within the viewer. Allegedly, by placing a specially formatted hyperlink within a PDF...

Adobe Acrobat Reader (UNIX) 5.0 6 Xpdf 0.9x Hyperlinks - Arbitrary Command Execution

Adobe Acrobat Reader UNIX 5.0 6 Xpdf 0.9x Hyperlinks - Arbitrary Command Execution source: https://www.securityfocus.com/bid/7912/info A vulnerability has been reported for multiple PDF viewers for Unix variant operating systems. The problem is said to occur when hyperlinks have been enabled with...

Moderate: Red Hat Security Advisory: : : : Updated hanterm packages provide security fixes

Updated hanterm packages fix two security issues. Hangul Terminal is a terminal emulator for the X Window System, based on Xterm. Hangul Terminal provides an escape sequence for reporting the current window title, which essentially takes the current title and places it directly on the command lin...

CVE-2003-0354

Unknown vulnerability in GNU Ghostscript before 7.07 allows attackers to execute arbitrary commands, even when -dSAFER is enabled, via a PostScript file that causes the commands to be executed from a malicious print job...

RedHat 9.0 / Slackware 8.1 - '/bin/mail' Carbon Copy Field Buffer Overrun

source: https://www.securityfocus.com/bid/7760/info A vulnerability has been discovered in the Linux /bin/mail utility. The problem occurs when processing excessive data within the carbon copy field. Due to insufficient bounds checking while parsing this information it may be possible to trigger ...

AIX 4.3.35.x - Getlvcb Command Line Argument Buffer Overflow (1)

AIX 4.3.35.x - Getlvcb Command Line Argument Buffer Overflow 1 source: https://www.securityfocus.com/bid/9905/info getlvcb has been reported to be prone to a buffer overflow vulnerability. When an argument is passed to the getlvcb utility, the string is copied into a reserved buffer in memory. Da...

Samba 2.2.x - 'call_trans2open' Remote Buffer Overflow (3)

// source: https://www.securityfocus.com/bid/7294/info A buffer overflow vulnerability has been reported for Samba. The problem occurs when copying user-supplied data into a static buffer. By passing excessive data to an affected Samba server, it may be possible for an anonymous user to corrupt...

Samba 2.2.x - call_trans2open Remote Buffer Overflow (3)

Samba 2.2.x - calltrans2open Remote Buffer Overflow 3 // source: https://www.securityfocus.com/bid/7294/info A buffer overflow vulnerability has been reported for Samba. The problem occurs when copying user-supplied data into a static buffer. By passing excessive data to an affected Samba server,...

unhappycgi.txt

Advisory URL: http://securitytracker.com/alerts/2003/May/1006707.html Vendor: Happycgi.com Product: Happymall Versions: 4.3, 4.4 Title: Happymall E-Commerce Input Validation Flaw Lets Remote Users Execute Arbitrary Commands Description: Revin Aldi reported an input validation vulnerability in the...

HappyMall Multiple Script Arbitrary Command Execution

There is a flaw HappyMall that could allow an attacker to execute arbitrary commands with the privileges of the HTTP daemon typically root or nobody, by making a request like : /shop/normalhtml.cgi?file=|id| In addition, memberhtml.cgi has been reported vulnerable. However, Nessus has not checked...

CVE-2003-0171

DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program...

IkonBoard 3.1 - Lang Cookie Arbitrary Command Execution (2)

IkonBoard 3.1 - Lang Cookie Arbitrary Command Execution 2 source: https://www.securityfocus.com/bid/7361/info It has been reported that IkonBoard is prone to an arbitrary command execution vulnerability. The vulnerability is due to insufficient sanitization performed on user supplied cookie data...

StockMan Shopping Cart shop.plx page Parameter Arbitrary Command Execution

The remote host is running the StockMan shopping cart. According to the version number of the CGI shop.plx, there is a flaw in this installation that could allow an attacker to execute arbitrary commands on this host, and which could also allow him to obtain your list of customers or their credit...

[SECURITY] [DSA 296-1] New kdebase packages fix arbitrary command execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 296-1 [email protected] http://www.debian.org/security/ Martin Schulze April 30th, 2003 http://www.debian.org/security/faq -...

DSA-296 kdebase - insecure execution

Bulletin has no description...