CVE-2012-2703
CVE-2012-2703 describes an XSS vulnerability in the Drupal Advertisement module (versions 6.x-2.x prior to 6.x-2.3). When debug mode is enabled, an attacker could inject arbitrary script/HTML via the $conf variable in settings.php. Affected product: Drupal contributed Advertisement module for 6.x...
WSN Links - SQL Injection
WSN Links - SQL Injection 'WSN Links' SQL Injection Vulnerability CVE-2010-4006 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in the search.php code that allows for SQL injection of various parameters. By assembling portion...
WSN Links - SQL Injection
'WSN Links' SQL Injection Vulnerability CVE-2010-4006 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in the search.php code that allows for SQL injection of various parameters. By assembling portions of SQL code between the...
Long a Target, Sony's PS3 Faces Pirate Onslaught
A run on programmable USB boards suggests that an open source version of the recent PSJailbreak could make it tough for Sony to stamp out PS3 piracy. Lawyers working for Sony Corp. spent the waning months of the Australian winter in court trying to stop sales of a new product, PSJailbreak, that...
Security fix for the ALT Linux 6 package fetchmail version 6.3.17-alt1
May 9, 2010 Andrey Rahmatullin 6.3.17-alt1 - 6.3.17 + CVE-2010-1167: DoS in debug mode with multichar locales...
Security fix for the ALT Linux 5 package fetchmail version 6.3.17-alt1
May 9, 2010 Andrey Rahmatullin 6.3.17-alt1 - 6.3.17 + CVE-2010-1167: DoS in debug mode with multichar locales...
DEBIAN-CVE-2010-1167
fetchmail 4.6.3 through 6.3.16, when debug mode is enabled, does not properly handle invalid characters in a multi-character locale, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted (1) message header or (2) POP3 UIDL list...
Code injection
fetchmail 4.6.3 through 6.3.16, when debug mode is enabled, does not properly handle invalid characters in a multi-character locale, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted (1) message header or (2) POP3 UIDL list...
CVE-2010-1167
fetchmail 4.6.3 through 6.3.16, when debug mode is enabled, does not properly handle invalid characters in a multi-character locale, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted (1) message header or (2) POP3 UIDL list...
CA iTechnology iGateway - Debug Mode Buffer Overflow (Metasploit)
$Id: caigatewaydebug.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framewor...
CA iTechnology iGateway Debug Mode Buffer Overflow
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ class Metasploit3 'CA iTechnology iGateway Debug...
CVE-2009-3462
Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 on Unix, when Debug mode is enabled, allow attackers to execute arbitrary code via unspecified vectors, related to a "format bug."...
Design/Logic Flaw
Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 on Unix, when Debug mode is enabled, allow attackers to execute arbitrary code via unspecified vectors, related to a "format bug."...
CVE-2009-3462
CVE-2009-3462 affects Adobe Reader and Acrobat on Unix (7.x/8.x/9.x) when Debug mode is enabled, enabling arbitrary code execution via a format bug. Connected advisories confirm patches: Red Hat RHSA-2009:1499 and SUSE SUSE-SA:2009:049 address Acrobat/Reader updates including acroread/acroread_ja...
acroread: Multiple arbitrary code execution fixes in 8.1.7 (APSB09-15)
Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 on Unix, when Debug mode is enabled, allow attackers to execute arbitrary code via unspecified vectors, related to a "format bug."...
Mandriva Update for acpid MDKA-2007:129 (acpid)
Check for the Version of acpid OpenVAS Vulnerability Test Mandriva Update for acpid MDKA-2007:129 acpid Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
CVE-2008-4995
redirect.pl in bk2site 1.1.9 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/redirect.log temporary file. NOTE: this vulnerability is only limited to debug mode, which is disabled by default...
CVE-2008-4995
The CVE-2008-4995 entry concerns bk2site 1.1.9, where a symlink attack against the temporary file /tmp/redirect.log in redirect.pl permits local users to overwrite arbitrary files. The underlying issue is a symlink-based write risk present when the program operates in debug mode (which is disable...