CVE-2009-1438

Integer overflow in the CSoundFile::ReadMed function src/loadmed.cpp in libmodplug before 0.8.6, as used in gstreamer-plugins, TTPlayer, and other products, allows context-dependent attackers to execute arbitrary code via a MED file with a crafted 1 song comment or 2 song name, which triggers a...

CVE-2008-0630

Buffer overflow in url.c in MPlayer 1.0rc2 and SVN before r25823 allows remote attackers to execute arbitrary code via a crafted URL that prevents the IPv6 parsing code from setting a pointer to NULL, which causes the buffer to be reused by the unescape code...

CVE-2005-1035

Multiple buffer overflows in Pavuk before 0.9.32 have unknown attack vectors and impact...

Microsoft Internet Explorer - mshtml.dll CSS Parsing Buffer Overflow

Microsoft Internet Explorer - mshtml.dll CSS Parsing Buffer Overflow / Taken from http://www.securiteam.com/exploits/5NP042KF5A.html The exploit will create a .CSS file that should be included in an HTML file. When a user loads the HTML file, Internet Explorer will try to parse the CSS and will...

USN-76-1: Emacs vulnerability

Max Vozeler discovered a format string vulnerability in the "movemail" utility of Emacs. By sending specially crafted packets, a malicious POP3 server could cause a buffer overflow, which could have been exploited to execute arbitrary code with the privileges of the user and the "mail" group sinc...

MS04-036: Microsoft NNTP Component Remote Overflow (883935) (uncredentialed check)

The remote host is running a version of Microsoft NNTP server that is vulnerable to a buffer overflow issue. An attacker may exploit this flaw to execute arbitrary commands on the remote host with the privileges of the NNTP server process. C Tenable Network Security, Inc. include"compat.inc"; if...

Netscape NSS Library SSLv2 Challenge Overflow

The remote host seems to be using the Mozilla Network Security Services NSS Library, a set of libraries designed to support the development of security-enabled client/server applications. There seems to be a flaw in the remote version of this library, in the SSLv2 handling code, that may allow an...

CVE-2002-1580

Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347...

Monit 4.1 - Remote Buffer Overflow

!/usr/bin/perl monit \n\n"; exit0; print "HOST:\t$ARGV0\n"; print "PORT:\t2812\n"; my $buffer = "B" x 284 . "\xcf\x89\xb3\x40" . $shellcode; esp mandrake 9.1 my $buffer = "A" x 284 . "XXXX" . "B" x 100; dos and debug print "connecting to server...\n"; $socket = IO::Socket::INET - new PeerAddr =...

Kerio Mailserver buffer overflow

SPAM filter buffer overflow...

CVE-2003-0820

Microsoft Word 97, 98J, 2000, and 2002, and Microsoft Works Suites 2001 through 2004, do not properly check the length of the "Macro names" data value, which could allow remote attackers to execute arbitrary code via a buffer overflow attack...

MERCUR Mailserver SMTP / IMAP / POP3 Servers Remote Overflows

The remote Atrium MERCUR SMTP server mail server seems to be vulnerable to a remote buffer overflow. Successful exploitation of this vulnerability would give a remote attacker administrative access to the mail server and access to potentially confidential data. The IMAP and POP3 servers are...

Knox Arkeia Pro 5.1.12 - Backup Remote Code Execution

Knox Arkeia Pro 5.1.12 - Backup Remote Code Execution / Knox Arkiea arkiead local/remote root exploit. Portbind 5074 shellcode Tested on Redhat 8.0, Redhat 7.2, but all versions are presumed vulnerable. NULLs out least significant byte of EBP to pull EIP out of overflow buffer. A previous request...

Tolis Group BRU 17.0 - Local Privilege Escalation (1)

// source: https://www.securityfocus.com/bid/8215/info It has been reported that BRU may not properly parse commandline arguments, potentially leading to at least two vectors of exploitation. It may be possible for local attackers to conduct format string-based attacks as well as buffer...

Tolis Group BRU 17.0 - Local Privilege Escalation (2)

// source: https://www.securityfocus.com/bid/8215/info It has been reported that BRU may not properly parse commandline arguments, potentially leading to at least two vectors of exploitation. It may be possible for local attackers to conduct format string-based attacks as well as buffer...

Ifenslave 0.0.7 - Argument Local Buffer Overflow (1)

source: https://www.securityfocus.com/bid/7682/info ifenslave for Linux has been reported prone to a buffer overflow vulnerability. The issue is reportedly due to a lack of sufficient bounds checking performed on user-supplied data before it is copied into an internal memory space. It is possible...

CdRecord Version <= 2.0 Mandrake local root exploit

No description provided by source. !/usr/bin/perl Cdrecord version 2.0 and local root exploit. wsxz@localhost buffer$ perl priv8cdr.pl 4 Using target number 4 Using Mr .dtors 0x808c82c Cdrecord 2.0 i586-mandrake-linux-gnu scsibus: -1 target: -1 lun: -1 Warning: Open by 'devname' is unintentional...

CVE-2003-0161

The prescan function in the address parser parseaddr.c in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers t...

EEYE: Macromedia ColdFusion/JRun Remote SYSTEM Buffer Overflow Vulnerabilities

Macromedia ColdFusion/JRun Remote SYSTEM Buffer Overflow Vulnerabilities Release Date: November 12, 2002 Severity: High Remote SYSTEM level code execution Systems Affected: Macromedia Coldfusion 6.0 and prior IIS ISAPI Macromedia JRun 4.0 and prior IIS ISAPI Description: Macromedia JRun and...

CVE-2002-1032

Buffer overflow in KeyFocus KF web server 1.0.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed HTTP header...