Lucene search
K

2221 matches found

EUVD
EUVD
added 2004/06/10 4:0 a.m.4 views

EUVD-2004-0541

PHP before 4.3.7 on Win32 platforms does not properly filter all shell metacharacters, which allows local or remote attackers to execute arbitrary code, overwrite files, and access internal environment variables via 1 the "%", "|", or "" characters to the escapeshellcmd function, or 2 the "%"...

10CVSS7.4AI score0.31108EPSS
Exploits0References3
Gentoo Linux
Gentoo Linux
added 2004/04/26 12:0 a.m.29 views

Multiple Vulnerabilities in ssmtp

Background SSMTP is a very simple mail transfer agent MTA that relays mail from the local machine to another SMTP host. It is not designed to function as a full mail server; its sole purpose is to relay mail. Description There are two format string vulnerabilities inside the logevent and die...

5CVSS7.2AI score0.03504EPSS
Exploits0
exploitpack
exploitpack
added 2004/04/20 12:0 a.m.19 views

RhinoSoft Serv-U FTP Server 3.x4.x5.0 - LIST Buffer Overflow

RhinoSoft Serv-U FTP Server 3.x4.x5.0 - LIST Buffer Overflow source: https://www.securityfocus.com/bid/10181/info Reportedly Serv-U is affected by a remote buffer overflow vulnerability in the list parameter. This issue is due to a failure of the application to properly validate buffer boundaries...

0.4AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/03/26 12:0 a.m.18 views

UUDeview MIME Buffer Overflow

Background UUDeview is a program which is used to transmit binary files over the Internet in a text-only format. It is commonly used for email and Usenet attachments. It supports multiple encoding formats, including Base64, BinHex and UUEncoding. Description By decoding a MIME archive with...

2.9AI score
Exploits0
exploitpack
exploitpack
added 2004/03/24 12:0 a.m.13 views

HP Web Jetadmin 7.5.2456 - Printer Firmware Update Script Arbitrary File Upload

HP Web Jetadmin 7.5.2456 - Printer Firmware Update Script Arbitrary File Upload source: https://www.securityfocus.com/bid/9971/info HP Web Jetadmin is prone to an issue which may permit remote users to upload arbitrary files to the management server. This issue exists in the printer firmware upda...

7.4AI score
Exploits0
CERT
CERT
added 2004/03/24 12:0 a.m.46 views

Ethereal integer underflow when parsing malformed PGM packets with NAK lists

Overview Ethereal fails to properly parse Pragmatic General Multicast PGM packets containing a crafted negative acknowledgement NAK list. Description Ethereal is a network traffic analysis package. It includes the ability to decode packets containing PGM data. There is a vulnerability in the way...

5CVSS7.9AI score0.67092EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2004/02/08 12:0 a.m.38 views

libxml2 stack buffer overflow in URI parsing

Yuuichi Teranishi reported a crash in libxml2's URI handling when a long URL is supplied. The implementation in nanohttp.c and nanoftp.c uses a 4K stack buffer, and longer URLs will overwrite the stack. This could result in denial-of-service or arbitrary code execution in applications using libxm...

7.5CVSS7.2AI score0.24232EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2003/11/25 12:0 a.m.24 views

Microsoft Outlook Express 6.0 - MHTML Forced File Execution (2)

source: https://www.securityfocus.com/bid/9105/info A vulnerability has been discovered in Microsoft Outlook Express when handling MHTML file and res URIs that could lead to an unexpected file being downloaded and executed. The problem occurs due to the component failing to securely handle MHTML...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2003/10/25 12:0 a.m.15 views

Microsoft Windows XP2000 - Messenger Service Buffer Overrun (MS03-043)

Microsoft Windows XP2000 - Messenger Service Buffer Overrun MS03-043 // source: https://www.securityfocus.com/bid/8826/info Microsoft Windows Messenger Service is prone to a remotely exploitable buffer overrun vulnerability. This is due to insufficient bounds checking of messages before they are...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2003/09/30 12:0 a.m.81 views

Subject: [OpenPKG-SA-2003.044] OpenPKG Security Advisory (openssl)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org [email protected] [email protected] OpenPKG-SA-2003.044 30-Sep-2003 Package: openssl Vulnerability: denial of service, possibly...

10CVSS9.9AI score0.85449EPSS
Exploits0
exploitpack
exploitpack
added 2003/09/17 12:0 a.m.13 views

Sendmail 8.12.9 - Prescan() Variant Remote Buffer Overrun

Sendmail 8.12.9 - Prescan Variant Remote Buffer Overrun / source: https://www.securityfocus.com/bid/8641/info Sendmail is prone to a buffer overrun vulnerability in the prescan function. This issue is different than the vulnerability described in BID 7230. This vulnerability could permit remote...

0.8AI score
Exploits0
exploitpack
exploitpack
added 2003/09/16 12:0 a.m.30 views

NetWin DBabble 2.5 i - Cross-Site Scripting

NetWin DBabble 2.5 i - Cross-Site Scripting source: https://www.securityfocus.com/bid/8637/info A cross-site scripting problem has been reported in NetWin DBabble. This could make it possible for an attacker to potentially execute code in the security context of a site using the vulnerable...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2003/09/15 12:0 a.m.23 views

ChatZilla 0.8.23 - Remote Denial of Service

ChatZilla 0.8.23 - Remote Denial of Service // source: https://www.securityfocus.com/bid/8627/info It has been reported that ChatZilla is prone to a denial of service vulnerability. The problem arises as a remote attacker posing as an IRC server sends specially crafted requests to the client...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2003/09/08 12:0 a.m.28 views

MyServer 0.5 - GET Argument Buffer Overflow

// source: https://www.securityfocus.com/bid/7770/info myServer has been reported prone to a remote buffer overflow vulnerability. The vulnerability exists when the web server attempts to process HTTP GET requests of excessive length. Although unconfirmed, this vulnerability may be exploited to...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/09/04 12:0 a.m.53 views

Microsoft Security Bulletin MS03-036: Buffer Overrun in WordPerfect Converter Could Allow Code Execution(827103)

-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: Buffer Overrun in WordPerfect Converter Could Allow Code Execution 827103 Date: 03 September 2003 Software: Microsoft Office 97 Microsoft Office 2000 Microsoft Office XP Microsoft Wo...

Exploits0
exploitpack
exploitpack
added 2003/07/11 12:0 a.m.10 views

University of Minnesota Gopherd 2.0.x2.33.0.x - FTP Gateway Buffer Overflow

University of Minnesota Gopherd 2.0.x2.33.0.x - FTP Gateway Buffer Overflow // source: https://www.securityfocus.com/bid/8167/info It has been reported that the FTP gateway component within the gopherd server is prone to a buffer overflow vulnerability. This vulnerability may be present due to a...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2003/06/26 12:0 a.m.118 views

Microsoft Security Bulletin MS03-022: Flaw in ISAPI Extension for Windows Media Services Could Cause Code Execution (Q822343)

-----BEGIN PGP SIGNED MESSAGE----- - - ------------------------------------------------------------------ Title: Flaw in ISAPI Extension for Windows Media Services Could Cause Code Execution 822343 Date: 25 June 2003 Software: Microsoftr Windowsr 2000 Impact: Allow an attacker to execute code of...

0.3AI score
Exploits0
OSV
OSV
added 2003/06/09 4:0 a.m.2 views

DEBIAN-CVE-2003-0245

Vulnerability in the aprpsprintf function in the Apache Portable Runtime APR library for Apache 2.0.37 through 2.0.45 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via long strings, as demonstrated using XML objects to moddav, and possibly other...

5CVSS7.9AI score0.63456EPSS
Exploits0References1
securityvulns
securityvulns
added 2003/05/31 12:0 a.m.49 views

Microsoft Security Bulletin MS03-019: Flaw in ISAPI Extension for Windows Media Services Could Cause Code Execution (817772)

-----BEGIN PGP SIGNED MESSAGE----- - ------------------------------------------------------------------- Title: Flaw in ISAPI Extension for Windows Media Services Could Cause Code Execution 817772 Date: 28 May 2003 Software: Microsoftr Windows NTr 4.0, and Windowsr 2000 Impact: Allow an attacker ...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2003/05/31 12:0 a.m.23 views

iisCart2000 - Arbitrary File Upload

source: https://www.securityfocus.com/bid/7765/info A vulnerability has been reported for iisCart2000 that may result in an attacker uploading arbitrary files to a vulnerable server. The vulnerability exists in the upload.asp script. This will allow an attacker to upload arbitrary files to the...

7.4AI score
Exploits0
Rows per page
Query Builder