Lucene search
K

2228 matches found

Exploit DB
Exploit DB
added 2005/06/01 12:0 a.m.35 views

Microsoft Outlook Express 4.x/5.x/6.0 - Attachment Processing File Extension Obfuscation

source: https://www.securityfocus.com/bid/13837/info Microsoft Outlook Express is prone to an attachment file extension obfuscation vulnerability that may present a risk under certain configurations. The issue manifests due to Microsoft Outlook Express behavior while handling an 'EML' email...

7AI score
Exploits0
securityvulns
securityvulns
added 2005/04/27 12:0 a.m.48 views

iDEFENSE Security Advisory 04.26.05: Citrix Program Neighborhood Agent Arbitrary Shortcut Creation Vulnerability

Citrix Program Neighborhood Agent Arbitrary Shortcut Creation Vulnerability iDEFENSE Security Advisory 04.26.05 www.idefense.com/application/poi/display?id=237&type=vulnerabilities April 26, 2005 I. BACKGROUND Citrix Program Neighborhood Agent is a part of the Citrix Presentation Server Client an...

5CVSS0.7AI score0.01165EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/03/04 12:0 a.m.25 views

GLSA-200503-06 : BidWatcher: Format string vulnerability

The remote host is affected by the vulnerability described in GLSA-200503-06 BidWatcher: Format string vulnerability Ulf Harnhammar discovered a format string vulnerability in 'netstuff.cpp'. Impact : Remote attackers can potentially exploit this vulnerability by sending specially crafted respons...

7.5CVSS6AI score0.01907EPSS
Exploits0References2
NVD
NVD
added 2005/03/02 5:0 a.m.21 views

CVE-2005-0605

scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmapunit value that leads to a buffer overflow...

7.5CVSS9.6AI score0.04507EPSS
Exploits0References27
Gentoo Linux
Gentoo Linux
added 2005/02/23 12:0 a.m.22 views

Cyrus IMAP Server: Multiple overflow vulnerabilities

Background The Cyrus IMAP Server is an efficient, highly-scalable IMAP e-mail server. Description Possible single byte overflows have been found in the imapd annotate extension and mailbox handling code. Furthermore stack buffer overflows have been found in fetchnews, the backend and imapd. Impac...

7.5CVSS7.6AI score0.04244EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/02/14 12:0 a.m.10 views

GLSA-200501-11 : Dillo: Format string vulnerability

The remote host is affected by the vulnerability described in GLSA-200501-11 Dillo: Format string vulnerability Gentoo Linux developer Tavis Ormandy found a format string bug in Dillo's handling of messages in aInterfacemsg. Impact : An attacker could craft a malicious web page which, when access...

7.5CVSS6AI score0.03522EPSS
Exploits0References2
Gentoo Linux
Gentoo Linux
added 2005/01/26 12:0 a.m.27 views

GraphicsMagick: PSD decoding heap overflow

Background GraphicsMagick is a collection of tools to read, write and manipulate images in many formats. GraphicsMagick is originally derived from ImageMagick 5.5.2. Description Andrei Nigmatulin discovered that handling a Photoshop Document PSD file with more than 24 layers in ImageMagick could...

7.5CVSS7.2AI score0.04378EPSS
Exploits1
Gentoo Linux
Gentoo Linux
added 2005/01/23 12:0 a.m.40 views

teTeX, pTeX, CSTeX: Multiple vulnerabilities

Background teTeX is a complete and open source TeX distribution. CSTeX is another TeX distribution including Czech and Slovak support. pTeX is another alternative that allows Japanese publishing with TeX. xdvizilla is an auxiliary script used to integrate DVI file viewing in Mozilla-based browser...

10CVSS6.9AI score0.09334EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2005/01/13 12:0 a.m.30 views

RHEL 2.1 / 3 : libtiff (RHSA-2005:019)

Updated libtiff packages that fix various integer overflows are now available. The libtiff package contains a library of functions for manipulating TIFF Tagged Image File Format image format files. iDEFENSE has reported an integer overflow bug that affects libtiff. An attacker who has the ability...

10CVSS6AI score0.14972EPSS
Exploits1References5
NVD
NVD
added 2004/12/31 5:0 a.m.17 views

CVE-2004-1419

PHP remote file inclusion vulnerability in ZeroBoard 4.1pl4 and earlier allows remote attackers to execute arbitrary PHP code by modifying the 1 zbpath parameter to outlogin.php or 2 dir parameter to write.php to reference a URL on a remote web server that contains the code...

6.8CVSS7.6AI score0.02424EPSS
Exploits1References9
Gentoo Linux
Gentoo Linux
added 2004/12/28 12:0 a.m.33 views

Xpdf, GPdf: New integer overflows

Background Xpdf is an open source viewer for Portable Document Format PDF files. GPdf is a Gnome-based PDF viewer that includes some Xpdf code. Description A new integer overflow issue was discovered in Xpdf's Gfx::doImage function. Impact An attacker could entice an user to open a...

9.3CVSS2.7AI score0.06576EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2004/12/02 10:13 a.m.3 views

security flaw

Unknown vulnerability in the Linux kernel before 2.4.23, on the AMD AMD64 and Intel EM64T architectures, associated with "setting up TSS limits," allows local users to cause a denial of service crash and possibly execute arbitrary code...

2.1CVSS6AI score0.0043EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2004/11/10 12:0 a.m.37 views

Debian DSA-567-1 : tiff - heap overflows

Several problems have been discovered in libtiff, the Tag Image File Format library for processing TIFF graphics files. An attacker could prepare a specially crafted TIFF graphic that would cause the client to execute arbitrary code or crash. The Common Vulnerabilities and Exposures Project has...

7.5CVSS5.9AI score0.08268EPSS
Exploits1References4
securityvulns
securityvulns
added 2004/10/25 12:0 a.m.22 views

rssh: pizzacode security alert

PIZZACODE SECURITY ALERT program: rssh risk: low problem: string format vulnerability in log.c details: rssh is a restricted shell for use with OpenSSH, allowing only scp and/or sftp. For example, if you have a server which you only want to allow users to copy files off of via scp, without...

0.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.21 views

Debian DSA-291-1 : ircii - buffer overflows

Timo Sirainen discovered several problems in ircII, a popular client for Internet Relay Chat IRC. A malicious server could craft special reply strings, triggering the client to write beyond buffer boundaries. This could lead to a denial of service if the client only crashes, but may also lead to...

7.5CVSS5.8AI score0.02596EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/09/22 12:0 a.m.13 views

GLSA-200409-27 : glFTPd: Local buffer overflow vulnerability

The remote host is affected by the vulnerability described in GLSA-200409-27 glFTPd: Local buffer overflow vulnerability The glFTPd server is vulnerable to a buffer overflow in the 'dupescan' program. This vulnerability is due to an unsafe strcpy call which can cause the program to crash when a...

6.4AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2004/09/17 12:0 a.m.30 views

SUSE-SA:2004:033: gtk2, gdk-pixbuf

The remote host is missing the patch for the advisory SUSE-SA:2004:033 gtk2, gdk-pixbuf. gdk-pixbuf is an image loading and rendering library mostly used by GTK and GNOME applications. It is distributed as a separate package for gtk1 and integrated into the gtk2 package. Chris Evans has discovere...

7.5CVSS5.6AI score0.09434EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2004/09/03 12:0 a.m.21 views

MailEnable HTTPMail Service Content-Length Header Overflow

The target is running at least one instance of MailEnable that has a flaw in the HTTPMail service MEHTTPS.exe in the Professional and Enterprise Editions. The flaw can be exploited by issuing an HTTP GET with an Content-Length header exceeding 100 bytes, which causes a fixed-length buffer to...

6.2AI score
Exploits0References2
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.14 views

CVE-2004-0068

PHP remote file inclusion vulnerability in config.php for PhpDig 1.6.5 and earlier allows remote attackers to execute arbitrary PHP code by modifying the $relativescriptpath parameter to reference a URL on a remote web server that contains the code...

7.6AI score0.01504EPSS
Exploits0References4
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.23 views

CVE-2002-0844

Off-by-one overflow in the CVS PreservePermissions of rcs.c for CVSD before 1.11.2 allows local users to execute arbitrary code...

8AI score0.0065EPSS
Exploits1References7
Rows per page
Query Builder