CVE-2007-0803

Multiple buffer overflows in STLport before 5.0.3 allow remote attackers to execute arbitrary code via unspecified vectors relating to 1 "print floats" and 2 a missing null termination in the "rope constructor."...

Buffer overflow

Multiple buffer overflows in STLport before 5.0.3 allow remote attackers to execute arbitrary code via unspecified vectors relating to 1 "print floats" and 2 a missing null termination in the "rope constructor."...

CVE-2007-0803

Multiple buffer overflows in STLport before 5.0.3 allow remote attackers to execute arbitrary code via unspecified vectors relating to 1 "print floats" and 2 a missing null termination in the "rope constructor."...

Solaris 10 libnspr constructor Local Root Exploit

No description provided by source. !/bin/sh $Id: raptorlibnspr3,v 1.1 2006/10/24 15:54:57 raptor Exp $ raptorlibnspr3 - Solaris 10 libnspr constructor exploit Copyright c 2006 Marco Ivaldi [email protected] Local exploitation of a design error vulnerability in version 4.6.1 of NSPR, as...

Solaris 10 libnspr constructor Local Root Exploit

Exploit for solaris platform in category local exploits ================================================= Solaris 10 libnspr constructor Local Root Exploit ================================================= !/bin/sh $Id: raptorlibnspr3,v 1.1 2006/10/24 15:54:57 raptor Exp $ raptorlibnspr3 - Solari...

Solaris 10 libnspr - Constructor Arbitrary File Creation Privilege Escalation (3)

Solaris 10 libnspr - Constructor Arbitrary File Creation Privilege Escalation 3 !/bin/sh $Id: raptorlibnspr3,v 1.1 2006/10/24 15:54:57 raptor Exp $ raptorlibnspr3 - Solaris 10 libnspr constructor exploit Copyright c 2006 Marco Ivaldi Local exploitation of a design error vulnerability in version...

Sun Solaris Netscape Portable Runtime API 4.6.1 - Local Privilege Escalation (2)

source: https://www.securityfocus.com/bid/20471/info The Netscape Portable Runtime API running on Sun Solaris 10 operating system is prone to a local privilege-escalation vulnerability. A successful exploit of this issue allows an attacker to gain superuser privileges, completely compromising the...

CVE-2006-4372

The CVE-2006-4372 vulnerability affects the Mambo CMS (Lurm Constructor component com_lurm_constructor) version 0.6b and earlier. It allows remote attackers to execute arbitrary PHP code by supplying a URL in the lm_absolute_path parameter, via a PHP remote file inclusion vulnerability. Public re...

security flaw

Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object constructor to return a reference to a privileged object and calling "named JavaScript functions" that use the...

security flaw

Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object constructor to return a reference to a privileged object and calling "named JavaScript functions" that use the...

security flaw

Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object constructor to return a reference to a privileged object and calling "named JavaScript functions" that use the...

security flaw

Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object constructor to return a reference to a privileged object and calling "named JavaScript functions" that use the...

DEBIAN-CVE-2006-3807

Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object constructor to return a reference to a privileged object and calling "named JavaScript functions" that use the...

Mozilla products fail to properly validate JavaScript constructors

Overview Mozilla products fail to properly validate references returned by JavaScript constructors. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description According to Mozilla Foundation Security Advisory 2006-51: JavaScript functions have a...

Privilege escalation using named-functions and redefined "new Object()" — Mozilla

mozbugra4 discovered that named JavaScript functions have a parent object created using the standard Object constructor ECMA-specified behavior and that this constructor can be redefined by script also ECMA-specified behavior. If the Object constructor is changed to return a reference to a...

CVE-2005-1682

JavaMail API, as used by Solstice Internet Mail Server POP3 2.0, does not properly validate the message number in the MimeMessage constructor in javax.mail.internet.InternetHeaders, which allows remote authenticated users to read other users' e-mail messages by modifying the msgno parameter. NOTE...

PT-2005-2659 · Oracle · Javamail Api

Name of the Vulnerable Software and Affected Versions: JavaMail API affected versions not specified Description: The issue concerns the JavaMail API, which does not properly validate the message number in the MimeMessage constructor in javax.mail.internet.InternetHeaders. This allows remote...

[Full-Disclosure] iDEFENSE Security Advisory 08.02.04: Netscape/Mozilla SOAPParameter Constructor Integer Overflow Vulnerability

Netscape/Mozilla SOAPParameter Constructor Integer Overflow Vulnerability www.idefense.com/application/poi/display?id=117&type=vulnerabilities August 2, 2004 iDEFENSE Security Advisory 08.02.04: I. BACKGROUND SOAP is an XML-based messaging protocol which defines a set of rules for structuring...