CVE-2018-12327

Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter. NOTE: It is unclear whether there are any common situations in which nt...

CVE-2018-12327

Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter. NOTE: It is unclear whether there are any common situations in which nt...

MS15-088 Description of the security update for Windows, Internet Explorer, and Office: August 11, 2015

MS15-088 Description of the security update for Windows, Internet Explorer, and Office: August 11, 2015 Summary This security update helps resolve an information disclosure vulnerability in Windows, Internet Explorer, and Microsoft Office. To exploit the vulnerability, an attacker would first hav...

rhscon-ceph: password leak by command line parameter

A flaw was found in the way authentication details were passed between rhscon-ceph and rhscon-core. An authenticated, local attacker could use this flaw to recover the cleartext password...

Locky is Back Asking for Unpaid Debts

On June 21, 2016, FireEye’s Dynamic Threat Intelligence DTI identified an increase in JavaScript contained within spam emails. FireEye analysts determined the increase was the result of a new Locky ransomware spam campaign. As shown in Figure 1, Locky spam activity was uninterrupted until June 1,...

CVE-2015-2423

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2,...

MS15-088: Unsafe Command Line Parameter Passing Could Allow Information Disclosure (3082458)

The remote Windows host is affected by an information disclosure vulnerability when files at a medium integrity level become accessible to Internet Explorer running in Enhanced Protection Mode EPM. An attacker can exploit this vulnerability by leveraging another vulnerability to execute code in I...

CVE-2004-1681

Multiple buffer overflows in 1 phrelay-cfg, 2 phlocale, 3 pkg-installer, or 4 input-cfg in QNX Photon microGUI for QNX RTP 6.1 allow local users to gain privileges via a long -s server command line parameter...

CVE-2003-1006

Buffer overflow in cd9660.util in Apple Mac OS X 10.0 through 10.3.2 and Apple Mac OS X Server 10.0 through 10.3.2 may allow local users to execute arbitrary code via a long command line parameter...

XMame 0.6x - Lang Local Buffer Overflow

XMame 0.6x - Lang Local Buffer Overflow // source: https://www.securityfocus.com/bid/7773/info Xmame is prone to a locally exploitable buffer overflow. This is due to insufficient bounds checking of the command line parameter used to specify language settings --lang. Successful exploitation on so...

XMame 0.6x - Lang Local Buffer Overflow

// source: https://www.securityfocus.com/bid/7773/info Xmame is prone to a locally exploitable buffer overflow. This is due to insufficient bounds checking of the command line parameter used to specify language settings --lang. Successful exploitation on some systems could result in execution of...

CVE-2002-1127

Buffer overflow in uucp in Compaq Tru64/OSF1 3.x allows local users to execute arbitrary code via a long source -s command line parameter...

Slrnpull Buffer Overflow (-d parameter)

Slrnpull Buffer Overflow -d parameter ======================================= Author: Alex Hernandez [email protected] Thanks all the people from Spain and Argentina. Special Greets: White-B, Paco Spain, Gabriel M. Thanks friends for all the research: + Solar Eclipse...

NSFOCUS SA2002-01: Sun Solaris Xsun "-co" heap overflow

NSFOCUS Security AdvisorySA2002-01 Topic: Sun Solaris Xsun "-co" heap overflow Release Date: 2002-4-02 CVE CAN ID : CAN-2002-0158 Affected system: ================ - Sun Solaris 2.6 SPARC/x86 - Sun Solaris 7 SPARC/x86 - Sun Solaris 8 SPARC/x86 Impact: ========= NSFOCUS Security Team has found a...

CVE-1999-1117

CVE-1999-1117 affects IBM AIX 4.1 and 4.2 where the lquerypv component can be exploited locally to read arbitrary files by supplying a file path in the -h argument. The underlying issue is a local access vulnerability impacting confidentiality (per CVSS: Partial). No explicit exploit code, workar...

CVE-1999-1117

lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files by specifying the file in the -h command line parameter...