USN-2186-1: Date and Time Indicator vulnerability

It was discovered that the Date and Time Indicator incorrectly allowed Evolution to be opened at the greeter screen. An attacker could use this issue to possibly gain unexpected access to applications such as a web browser with privileges of the greeter user...

PostgreSQL Database Datetime Buffer Overflow (CVE-2014-0063)

A remote code execution vulnerability has been reported in PostgreSQL Database. The vulnerability is due to a stack buffer overflow when handling the Datetime string. A remote attacker can exploit the vulnerability by sending a malicious request to the target server...

Vulnerability in core server (CVE-2014-0063)

Potential buffer overruns in datetime input/output...

postgresql: stack-based buffer overflow in datetime input/output

Multiple stack-based buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to cause a denial of service crash or possibly execute arbitrary code via vectors related to an incorrect...

postgresql: stack-based buffer overflow in datetime input/output

Multiple stack-based buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to cause a denial of service crash or possibly execute arbitrary code via vectors related to an incorrect...

postgresql: stack-based buffer overflow in datetime input/output

Multiple stack-based buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to cause a denial of service crash or possibly execute arbitrary code via vectors related to an incorrect...

UBUNTU-CVE-2014-0063

Multiple stack-based buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to cause a denial of service crash or possibly execute arbitrary code via vectors related to an incorrect...

rfc868-time NSE Script

Retrieves the day and time from the Time service. Example Usage nmap -sV Script Output PORT STATE SERVICE 37/tcp open time |rfc868-time: 2013-10-23T10:33:00 Requires comm datetime shortport stdnse string stringaux nmap os local comm = require "comm" local datetime = require "datetime" local...

php53 security, bug fix and enhancement update

5.3.3-21 - add security fix for CVE-2013-4248 5.3.3-20 - add security fix for CVE-2013-4113 5.3.3-19 - add upstream reproducer for errorhandler 951075 5.3.3-18 - add security fixes for CVE-2006-7243 5.3.3-17 - reorder security patches - add security fixes for CVE-2012-2688, CVE-2012-0831,...

Fedora 18 : php-5.4.17-2.fc18 (2013-12315)

04 Jul 2013, PHP 5.4.17 Core : - Fixed bug 64988 Class loading order affects ESTRICT warning. Laruence - Fixed bug 64966 segfault in zenddofcallcommonhelperSPEC. Laruence - Fixed bug 64960 Segfault in gczvalpossibleroot. Laruence - Fixed bug 64936 doc comments picked up from previous scanner run...

Fedora 17 : php-5.4.17-2.fc17 (2013-12354)

04 Jul 2013, PHP 5.4.17 Core : - Fixed bug 64988 Class loading order affects ESTRICT warning. Laruence - Fixed bug 64966 segfault in zenddofcallcommonhelperSPEC. Laruence - Fixed bug 64960 Segfault in gczvalpossibleroot. Laruence - Fixed bug 64936 doc comments picked up from previous scanner run...

php security, bug fix and enhancement update

5.3.3-22 - php-xml provides php-xmlreader and php-xmlwriter 874987 - fix possible NULL derefence and buffer overflow 879179 - fix zend garbage collector 848186, 868375 5.3.3-21 - fix CVE reference in previous changelog entry 5.3.3-20 - remove reproducer from security fix for CVE-2012-0781 5.3.3-1...

ssl-date NSE Script

Retrieves a target host's time and date from its TLS ServerHello response. In many TLS implementations, the first four bytes of server randomness are a Unix timestamp. The script will test whether this is indeed true and report the time only if it passes this test. Original idea by Jacob Appelbau...

openlookup-info NSE Script

Parses and displays the banner information of an OpenLookup network key-value store server. Example Usage nmap -p 5850 --script openlookup-info Script Output 5850/tcp open openlookup | openlookup-info: | sync port: 5850 | name: Paradise, Arizona | your address: 127.0.0.1:50162 | timestamp:...

snmp-win32-software NSE Script

Attempts to enumerate installed software through SNMP. Script Arguments snmp.version See the documentation for the snmp library. creds.service, creds.global See the documentation for the creds library. Example Usage nmap -sU -p 161 --script=snmp-win32-software Script Output | snmp-win32-software:...

ZDI-06-033: Microsoft Office Excel File Format DATETIME Record Parsing Vulnerability

ZDI-06-033: Microsoft Office Excel File Format DATETIME Record Parsing Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-033.html October 10, 2006 -- CVE ID: CVE-2006-2387 -- Affected Vendor: Microsoft -- Affected Products: Microsoft Office 2000 SP3 Microsoft Office XP SP3 Microsof...

CVE-2006-2387

Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, Excel Viewer 2003, and Microsoft Works Suite 2004 through 2006 allows user-assisted attackers to execute arbitrary code via a crafted DATETIME record in an XLS file, a different vulnerability than...

CVE-2006-2387

Microsoft Excel contains a remote-code-execution vulnerability CVE-2006-2387 in the parsing of a malformed DATETIME record within XLS files. Affected products include Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, Excel Viewer 2003, and Microsoft Works Suite 2004–2006. The root cause is insuf...

CVE-2006-2387

Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, Excel Viewer 2003, and Microsoft Works Suite 2004 through 2006 allows user-assisted attackers to execute arbitrary code via a crafted DATETIME record in an XLS file, a different vulnerability than...

Microsoft Office Excel File Format DATETIME Record Parsing Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. Exploitation requires that the attacker coerce the target user into opening a malicious .XLS file. The specific flaw exists within the parsing of the BIFF file format used by...