CVE-2003-0066

The rxvt terminal emulator 2.7.8 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to...

CVE-2003-0068

The Eterm terminal emulator 0.9.1 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker t...

DEBIAN-CVE-2003-0070

VTE, as used by default in gnome-terminal terminal emulator 2.2 and as an option in gnome-terminal 2.0, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containin...

CVE-2003-0063

The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the...

typo3 issues

hola, ... [email protected]/Martin Eiszner ===================== Security REPORT TYPO3 ===================== this document: http://www.websec.org/adv/typo3.html Product: Typo3 Version 3.5b5 / Earlier versions are possibly vulnerable too Vendor: Typo3 http://www.typo3.com Vendor-Status:...

Webchat 0.77 - Defines.php Remote File Inclusion

Webchat 0.77 - Defines.php Remote File Inclusion source: https://www.securityfocus.com/bid/7000/info Webchat is prone to an issue that may allow remote attackers to include files located on attacker-controlled servers. This vulnerability is as a result of insufficient sanitization performed on...

GTCatalog 0.8.160.9 - Remote File Inclusion

GTCatalog 0.8.160.9 - Remote File Inclusion source: https://www.securityfocus.com/bid/6998/info GTCatalog is prone to an issue that may allow remote attackers to include files located on attacker-controlled servers. This vulnerability is as a result of insufficient sanitization performed on remot...

CuteNews Multiple Script cutepath Parameter Arbitrary Command Execution

The version of CuteNews installed on the remote host fails to sanitize input to the 'cutepath' parameter before using it in various scripts to include PHP code. An attacker may use this flaw to inject arbitrary code in the remote host and gain a shell with the privileges of the web server...

gnome-terminal allows arbitrary command execution when viewing files containing crafted escape sequences

Overview gnome-terminal may allow a remote attacker to execute arbitrary commands via crafted escape sequences. Description gnome-terminal affords users the ability to utilize an escape sequence to "export" the title of the current window title directly to the shell command line. By viewing a...

CuteNews 0.88 - search.php Remote File Inclusion

CuteNews 0.88 - search.php Remote File Inclusion source: https://www.securityfocus.com/bid/6935/info CuteNews is prone to an issue that may allow remote attackers to include files located on remote servers. Under some circumstances, it is possible for remote attackers to influence the include pat...

CuteNews 0.88 - shownews.php Remote File Inclusion

CuteNews 0.88 - shownews.php Remote File Inclusion source: https://www.securityfocus.com/bid/6935/info CuteNews is prone to an issue that may allow remote attackers to include files located on remote servers. Under some circumstances, it is possible for remote attackers to influence the include...

CuteNews 0.88 - 'shownews.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/6935/info CuteNews is prone to an issue that may allow remote attackers to include files located on remote servers. Under some circumstances, it is possible for remote attackers to influence the include path for several include files to point to an extern...

CuteNews 0.88 - comments.php Remote File Inclusion

CuteNews 0.88 - comments.php Remote File Inclusion source: https://www.securityfocus.com/bid/6935/info CuteNews is prone to an issue that may allow remote attackers to include files located on remote servers. Under some circumstances, it is possible for remote attackers to influence the include...

Microsoft Internet Explorer 5 - ShowHelp Arbitrary Command Execution

Microsoft Internet Explorer 5 - ShowHelp Arbitrary Command Execution source: https://www.securityfocus.com/bid/6780/info Microsoft Internet Explorer implements the showHelp function as a means of displaying help content contained in HTML pages. However, this function is capable of performing too...

Microsoft Internet Explorer 5 - ShowHelp Arbitrary Command Execution

source: https://www.securityfocus.com/bid/6780/info Microsoft Internet Explorer implements the showHelp function as a means of displaying help content contained in HTML pages. However, this function is capable of performing too many other actions outside of its intended functionality through...

Important: Red Hat Security Advisory: vim security update

Updated VIM packages are available for Red Hat Linux Advanced Server. These updates resolve a security issue when opening a specially-crafted text file. Updated 06 Feb 2003 Added fixed packages for Advanced Workstation 2.1 VIM VIsual editor iMproved is a version of the vi editor. VIM allows a use...

[SECURITY] [DSA 241-1] New kdeutils packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 241-1 [email protected] http://www.debian.org/security/ Martin Schulze January 24th, 2003 http://www.debian.org/security/faq -...

DSA-241 kdeutils - several vulnerabilities

Bulletin has no description...

[SECURITY] [DSA 240-1] New kdegames packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 240-1 [email protected] http://www.debian.org/security/ Martin Schulze January 23rd, 2003 http://www.debian.org/security/faq -...

[SECURITY] [DSA 238-1] New kdepim packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 238-1 [email protected] http://www.debian.org/security/ Martin Schulze January 23rd, 2003 http://www.debian.org/security/faq -...