49 matches found
ImageMagick's Overflow
ImageMagick's Overflow Rosiello Security's Advisory & DTORS http://www.rosiello.org I. BACKGROUND The ImageMagick display is an image viewer. ImageMagick is part of the KDE desktop and is bundled with all major Linux distributions. II. DESCRIPTION A vulnerability was found in this application tha...
MS02-060: Flaw in WinXP Help center could enable file deletion (328940)
There is a security vulnerability in the remote Windows XP Help and Support Center which can be exploited by an attacker to delete arbitrary files on this host. To do so, an attacker needs to create malicious web pages that must be visited by the owner of the remote system. C Tenable Network...
PHPReactor 1.2.7 - Style Attribute HTML Injection
PHPReactor 1.2.7 - Style Attribute HTML Injection source: https://www.securityfocus.com/bid/5569/info phpReactor does not sufficiently sanitize HTML from various fields such as in the body of a message or in profile fields. It is possible to inject arbitrary HTML and script code into these fields...
PHPReactor 1.2.7 - Style Attribute HTML Injection
source: https://www.securityfocus.com/bid/5569/info phpReactor does not sufficiently sanitize HTML from various fields such as in the body of a message or in profile fields. It is possible to inject arbitrary HTML and script code into these fields. An attacker may potentially exploit this situati...
CVE-2001-0667
Internet Explorer 6 and earlier, when used with the Telnet client in Services for Unix SFU 2.0, allows remote attackers to execute commands by spawning Telnet with a log file option on the command line and writing arbitrary code into an executable file which is later executed, aka a new variant o...
[SECURITY] [DSA 119-1] ssh channel bug
Package: openssh Vulnerability: local root exploit, remote client exploit Debian-specific: no Joost Pol [email protected] reports that OpenSSH versions 2.0 through 3.0.2 have an off-by-one bug in the channel allocation code. This vulnerability can be exploited by authenticated users to gain root...
NSFOCUS SA2000-04: Microsoft Win9x client driver type comparing vulnerability
NSFOCUS Security AdvisorySA2000-04 TopicёєMicrosoft Win9x client driver type comparing vulnerability Release Dateёє Aug 20, 2000 Update Dateёє Oct 11, 2000 Affected System: ================ - Microsoft Windows 95 - Microsoft Windows 98 - Microsoft Windows 98 Second Edition Non-affected systemёє...
Microsoft Outlook 97982000 Outlook Express 4.05.0 - GMT Field Buffer Overflow (1)
Microsoft Outlook 97982000 Outlook Express 4.05.0 - GMT Field Buffer Overflow 1 source: https://www.securityfocus.com/bid/1481/info All versions of Microsoft Outlook and Outlook Express are vulnerable to buffer overflow attacks where a remote user is capable of executing arbitrary code on an emai...
Qualcomm Eudora 4.2/4.3 - Warning Message Circumvention
source: https://www.securityfocus.com/bid/1157/info A malicious email sender can circumvent warning messages that would normally display when a user attempts to view executable attachments in Eudora 4.2/4.3. Eudora does not prompt a user with the warning message if they are attempting to open a...