900 matches found
CVE-2006-3552
Ipswitch IMail Secure Server 2006 and Collaboration Suite 2006 Premium are affected. Using a specific .dat file in the StarEngine /data directory up to 20060630 or earlier prevents proper reception and implementation of bullet signature updates, enabling context-dependent attackers to misuse the ...
security flaw
Integer overflow in the wordwrap function in string.c in PHP 4.4.2 and 5.1.2 might allow context-dependent attackers to execute arbitrary code via certain long arguments that cause a small buffer to be allocated, which triggers a heap-based buffer overflow in a memcpy function call, a different...
Mandrake Linux Security Advisory : postgresql (MDKSA-2006:098)
PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13, 7.3.x before 7.3.15, and earlier versions allows context-dependent attackers to bypass SQL injection protection methods in applications via invalid encodings of multibyte characters, aka one variant of 'Encoding-Based SQL...
CVE-2006-2719
JIWA Financials 6.4.14 stores usernames and passwords for all accounts in cleartext in the HRStaff table in Microsoft SQL Server, and sends the usernames and passwords in cleartext to the application's SQL Server ODBC driver, which might allow context-dependent attackers to obtain the passwords...
Design/Logic Flaw
JIWA Financials 6.4.14 stores usernames and passwords for all accounts in cleartext in the HRStaff table in Microsoft SQL Server, and sends the usernames and passwords in cleartext to the application's SQL Server ODBC driver, which might allow context-dependent attackers to obtain the passwords...
CVE-2006-2719
JIWA Financials 6.4.14 stores usernames and passwords for all accounts in cleartext in the HRStaff table in Microsoft SQL Server, and sends the usernames and passwords in cleartext to the application's SQL Server ODBC driver, which might allow context-dependent attackers to obtain the passwords...
CVE-2006-2334
The RtlDosPathNameToNtPathNameU API function in NTDLL.DLL in Microsoft Windows 2000 SP4 and XP SP2 does not properly convert DOS style paths with trailing spaces into NT style paths, which allows context-dependent attackers to create files that cannot be accessed through the expected DOS path or...
CVE-2006-1902
foldbinary in fold-const.c in GNU Compiler Collection gcc 4.1 improperly handles pointer overflow when folding a certain expr comparison to a corresponding offset comparison in cases other than EQEXPR and NEEXPR, which might introduce buffer overflow vulnerabilities into applications that could b...
CVE-2006-1902
foldbinary in fold-const.c in GNU Compiler Collection gcc 4.1 improperly handles pointer overflow when folding a certain expr comparison to a corresponding offset comparison in cases other than EQEXPR and NEEXPR, which might introduce buffer overflow vulnerabilities into applications that could b...
CVE-2006-1902
CVE-2006-1902 affects GNU Compiler Collection (gcc) 4.1. The issue, described consistently across connected sources, is in fold_binary inside fold-const.c where pointer overflow occurs when folding a specific expression comparison to a corresponding offset comparison (excluding EQ_EXPR/NE_EXPR). ...
Buffer overflow
flex.skl in Will Estes and John Millaway Fast Lexical Analyzer Generator flex before 2.5.33 does not allocate enough memory for grammars containing 1 REJECT statements or 2 trailing context rules, which causes flex to generate code that contains a buffer overflow that might allow context-dependen...
CVE-2006-0746
Certain patches for kpdf do not include all relevant patches from xpdf that were associated with CVE-2005-3627, which allows context-dependent attackers to exploit vulnerabilities that were present in CVE-2005-3627...
Integer overflow
Tiny C Compiler TCC 0.9.23 aka TinyCC evaluates the "isizeofint" expression to false when i equals -1, which might introduce integer overflow vulnerabilities into applications that could be exploited by context-dependent attackers...
CVE-2006-0634
Borland C++Builder 6 BCB6 with Update Pack 4 Enterprise edition entupd4 evaluates the "isizeofint" expression to false when i equals -1, which might introduce integer overflow vulnerabilities into applications that could be exploited by context-dependent attackers...
CVE-2006-0635
Tiny C Compiler TCC 0.9.23 aka TinyCC evaluates the "isizeofint" expression to false when i equals -1, which might introduce integer overflow vulnerabilities into applications that could be exploited by context-dependent attackers...
DEBIAN-CVE-2006-0635
Tiny C Compiler TCC 0.9.23 aka TinyCC evaluates the "isizeofint" expression to false when i equals -1, which might introduce integer overflow vulnerabilities into applications that could be exploited by context-dependent attackers...
CVE-2006-0635
Tiny C Compiler TCC 0.9.23 aka TinyCC evaluates the "isizeofint" expression to false when i equals -1, which might introduce integer overflow vulnerabilities into applications that could be exploited by context-dependent attackers...
CVE-2006-0635
Tiny C Compiler TCC 0.9.23 aka TinyCC evaluates the "isizeofint" expression to false when i equals -1, which might introduce integer overflow vulnerabilities into applications that could be exploited by context-dependent attackers...
CVE-2006-0635
Tiny C Compiler TCC 0.9.23 aka TinyCC evaluates the "isizeofint" expression to false when i equals -1, which might introduce integer overflow vulnerabilities into applications that could be exploited by context-dependent attackers...
CVE-2006-0634
CVE-2006-0634 — The provided materials identify Borland C++Builder 6 (BCB6) with Update Pack 4 Enterprise (ent_upd4) as affected. The root cause described is that evaluating the expression i > sizeof(int) yields false when i equals -1, which could introduce integer overflow vulnerabilities in ...