2841 matches found
CVE-2005-0876
Off-by-one buffer overflow in Dnsmasq before 2.21 may allow attackers to execute arbitrary code via the DHCP lease file...
CVE-2003-1094
BEA WebLogic Server and Express version 7.0 SP3 may follow certain code execution paths that result in an incorrect current user, such as in the frequent use of JNDI initial contexts, which could allow remote authenticated users to gain privileges...
CVE-2004-0900
The DHCP Server service for Microsoft Windows NT 4.0 Server and Terminal Server Edition does not properly validate the length of certain messages, which allows remote attackers to execute arbitrary code via a malformed DHCP message, aka the "DHCP Request Vulnerability."...
GLSA-200412-27 : PHProjekt: Remote code execution vulnerability
The remote host is affected by the vulnerability described in GLSA-200412-27 (PHProjekt: Remote code execution vulnerability). cYon discovered that the authform.inc.php script allows a remote user to define the global variable $pathpre. Impact: A remote attacker can exploit this vulnerability to...
Raven Software Soldier Of Fortune 2 - Remote Buffer Overflow
source: https://www.securityfocus.com/bid/11735/info It is reported that Soldier of Fortune 2 is susceptible to a buffer overflow vulnerability. This issue is due to a failure of the application to perform sufficient bounds checking on user-supplied input prior to copying it to a fixed-sized memo...
HP WebJetadmin code execution
No description provided...
[SECURITY] [DSA 542-1] New Qt packages fix arbitrary code execution and denial of service
Debian Security Advisory DSA 542-1 [email protected] http://www.debian.org/security/ Martin Schulze August 30th, 2004 http://www.debian.org/security/faq ...
Painkiller <= 1.3.1 Denial of Service Exploit
No description provided by source. / by Luigi Auriemma / include stdio.h include stdlib.h include string.h ifdef WIN32 include winsock.h include "winerr.h" define close closesocket else include unistd.h include sys/socket.h include sys/types.h include arpa/inet.h include netdb.h endif define VER...
Sun Java Virtual Machine 1.x - Font.createFont Method Insecure Temporary File Creation
source: https://www.securityfocus.com/bid/10685/info Sun Java Virtual Machine is a component of the Sun Java infrastructure that performs the handling of Java applets and other programs. It is available for Uni...
Sun Java Virtual Machine 1.x - 'Font.createFont' Method Insecure Temporary File Creation
source: https://www.securityfocus.com/bid/10685/info Sun Java Virtual Machine is a component of the Sun Java infrastructure that performs the handling of Java applets and other programs. It is available for Unix, Linux, and Microsoft platforms. Sun Java Virtual Machine is prone to an insecure...
CVE-2004-0431
Integer overflow in Apple QuickTime QuickTime.qts before 6.5.1 allows attackers to execute arbitrary code via a large "number of entries" field in the sample-to-chunk table data for a .mov movie file, which leads to a heap-based buffer overflow...
Load Sharing Facility multiple bugs
Code execution, DoS...
tcpdump contains vulnerability in ISAKMP decoding function rawprint() in print-isakmp.c
Overview: tcpdump contains a vulnerability in the way it parses Internet Security Association and Key Management Protocol (ISAKMP) packets. Description: tcpdump is a widely-used network sniffer that is capable of decoding ISAKMP packets. A vulnerability exists in the way the tcpdump rawprint function...
Remote Code Execution in Knowledge Builder.
"Knowledge Builder" from www.activecampaign.com allows code execution. Example: Create the following file on your webserver: ----index.php---- ? system$cmd; ? ----------------- And then type in the following URL:...
Microsoft Outlook Express 6.0 - MHTML Forced File Execution (2)
source: https://www.securityfocus.com/bid/9105/info A vulnerability has been discovered in Microsoft Outlook Express when handling MHTML file and res URIs that could lead to an unexpected file being downloaded and executed. The problem...
CVE-2003-0350
The control for listing accessibility options in the Accessibility Utility Manager on Windows 2000 (ListView) does not properly handle Windows messages, which allows local users to execute arbitrary code via a "Shatter" style message to the Utility Manager that references a user-controlled callback...
CVE-2003-0491
The Tutorials 2.0 module in XOOPS and E-XOOPS allows remote attackers to execute arbitrary code by uploading a PHP file without a MIME image type, then directly accessing the uploaded file...
CVE-2002-0372
Microsoft Windows Media Player versions 6.4 and 7.1 and Media Player for Windows XP allow remote attackers to bypass Internet Explorer's (IE) security mechanisms and run code via an executable .wma media file with a license installation requirement stored in the IE cache, aka the "Cache Path...
Microsoft Security Bulletin MS03-008: Flaw in Windows Script Engine Could Allow Code Execution (814078)
Title: Flaw in Windows Script Engine Could Allow Code Execution (814078) Date: 19 March 2003 Software: Microsoft Windows 98, Microsoft Windows 98 Second Edition, Microsoft Windows Me, Microsoft...
MS02-052: Flaw in Microsoft VM Could Allow Code Execution (810030)
The remote host is running a Microsoft VM machine that has a bug in its bytecode verifier that could allow a remote attacker to execute arbitrary code on this host, with the privileges of the SYSTEM. To exploit this vulnerability, an attacker would need to send a malformed applet to a user on thi...