6882 matches found
CVE-2008-0386
Xdg-utils 1.0.2 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URL argument to 1 xdg-open or 2 xdg-email...
Code injection
Xdg-utils 1.0.2 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URL argument to 1 xdg-open or 2 xdg-email...
CVE-2008-0386
Xdg-utils 1.0.2 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URL argument to 1 xdg-open or 2 xdg-email...
Information disclosure
The NamoInstaller.NamoInstall.1 ActiveX control in NamoInstaller.dll 3.0.0.1 and earlier in Namo Web Editor in Sejoong Namo ActiveSquare 6 allows remote attackers to execute arbitrary code via a URL in the argument to the Install method. NOTE: some of these details are obtained from third party...
CVE-2008-0551
The NamoInstaller.NamoInstall.1 ActiveX control in NamoInstaller.dll 3.0.0.1 and earlier in Namo Web Editor in Sejoong Namo ActiveSquare 6 allows remote attackers to execute arbitrary code via a URL in the argument to the Install method. NOTE: some of these details are obtained from third party...
Information disclosure
onedcu in IBM Informix Dynamic Server IDS 10.x before 10.00.xC8 allows local users to create arbitrary files via the Trace file argument...
CVE-2008-0368
onedcu in IBM Informix Dynamic Server IDS 10.x before 10.00.xC8 allows local users to create arbitrary files via the Trace file argument...
CVE-2007-6683
The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via 1 the :demuxdump-file option in a filename in a playlist, or 2 a EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability...
CVE-2007-6683
The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via 1 the :demuxdump-file option in a filename in a playlist, or 2 a EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability...
Design/Logic Flaw
The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via 1 the :demuxdump-file option in a filename in a playlist, or 2 a EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability...
CVE-2007-6683
The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via 1 the :demuxdump-file option in a filename in a playlist, or 2 a EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability...
CVE-2007-6683
VLC 0.8.6d is affected by CVE-2007-6683 due to insecure argument validation that can allow remote overwriting of files writable by the user when opening a malicious M3U playlist or MP3 with a crafted EXTVLCOPT or demuxdump-file filename. Descriptions across sources (Debian GLSA/DSA, OpenVAS, Gent...
CVE-2007-6683
The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via 1 the :demuxdump-file option in a filename in a playlist, or 2 a EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability...
Buffer overflow
Buffer overflow in an ActiveX control in ccpm0237.dll for StreamAudio ChainCast ProxyManager allows remote attackers to execute arbitrary code via a long URL argument to the InternalTuneIn method...
CVE-2008-0248
Buffer overflow in an ActiveX control in ccpm0237.dll for StreamAudio ChainCast ProxyManager allows remote attackers to execute arbitrary code via a long URL argument to the InternalTuneIn method...
Stack overflow
A certain ActiveX control in npUpload.dll in DivX Player 6.6.0 allows remote attackers to cause a denial of service Internet Explorer 7 crash via a long argument to the SetPassword method...
CVE-2007-6493
The IMWeb.IMWebControl.1 ActiveX control in IMWeb.dll 7.0.0.x, and possibly IMWebControl.dll, in iMesh 7.1.0.x and earlier allows remote attackers to execute arbitrary code via a certain argument to the SetHandler method...
Apple Mac OS X mount_smbfs buffer overflow
Buffer overflow on command line -W argument parsing...
SuSE 10 Security Update : Samba (ZYPP Patch Number 3351)
Specially crafted MS-RPC packets could overwrite heap memory and therfore could potentially be exploited to execute code. CVE-2007-2446 Authenticated users could leverage specially crafted MS-RPC packets to pass arguments unfiltered to /bin/sh. CVE-2007-2447 %NASLMINLEVEL 70300 C Tenable Network...
Buffer overflow
Buffer overflow in the isdnnetsetcfg function in isdnnet.c in Linux kernel 2.6.23 allows local users to have an unknown impact via a crafted argument to the isdnioctl function...