2833 matches found
CVE-2006-6237
SQL injection vulnerability in the decodecookie function in thread.php in Woltlab Burning Board Lite 1.0.2 allows remote attackers to execute arbitrary SQL commands via the threadvisit Cookie parameter...
ASPPortal-400.txt
Perl Script Decode: !/usr/bin/perl AspPortal Password Decrypter Get pass exploit.asp and this copy this window Speical Thanks To::: Nukedx ,For ASPPORTAL Decrypter ajann if@1 = 1 exploit; sub decrypt $lp = length$appass; $apkey =...
Directory Traversal vulnerability in IPCheck Monitor Server
Directory Traversal vulnerability in IPCheck Monitor Server -------------------------------------- Overview A directory traversal vulnerability has been identified in IPCheck Server Monitor Free/Trial/Professional, which may be exploited by potential attackers to retrieve files from the underlyin...
CVE-2006-3791
The decodestringmap function in servertransport.cpp for UFO2000 svn 1057 allows remote attackers to cause a denial of service daemon termination via a large keysize or valsize, which causes a crash when the resize function cannot allocate sufficient memory...
CVE-2006-3561
BT Voyager 2091 Wireless firmware 2.21.05.08mA2pB018c1.d16d and earlier, and 3.01m and earlier, allow remote attackers to bypass the authentication process and gain sensitive information, such as configuration information via 1 /btvoyagergetconfig.sh, PPP credentials via 2 btvoyagergetpppcreds.sh...
[SA19383] PHP "html_entity_decode()" Information Disclosure Vulnerability
TITLE: PHP "htmlentitydecode" Information Disclosure Vulnerability SECUNIA ADVISORY ID: SA19383 VERIFY ADVISORY: http://secunia.com/advisories/19383/ CRITICAL: Less critical IMPACT: Exposure of sensitive information WHERE: From remote SOFTWARE: PHP 4.3.x http://secunia.com/product/922/ PHP 4.4.x...
phpRPC decode function command execution
Added: 03/13/2006 CVE: CVE-2006-1032 BID: 16833 OSVDB: 23514 Background phpRPC is an xmlrpc library written in PHP supporting most databases. Problem A vulnerability in the decode function allows a remote attacker to execute arbitrary PHP commands placed inside a tag. Resolution phpRPC is no long...
security flaw
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service infinite loop via streams that end prematurely, as demonstrated using the 1 CCITTFaxDecode and 2 DCTDecode streams, aka "Infinite CPU spins."...
security flaw
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service crash via a crafted FlateDecode stream that triggers a null dereference...
security flaw
Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via a DCTDecode stream with 1 a large "number of components" value that is not checked by...
MS Windows Metafile (WMF) Remote File Download Exploit Generator
Exploit for unknown platform in category remote exploits ================================================================ MS Windows Metafile WMF Remote File Download Exploit Generator ================================================================ / \ / WMF nDay download Exploit Generator \ by...
security flaw
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service infinite loop via streams that end prematurely, as demonstrated using the 1 CCITTFaxDecode and 2 DCTDecode streams, aka "Infinite CPU spins."...
security flaw
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows...
security flaw
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows...
security flaw
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service infinite loop via streams that end prematurely, as demonstrated using the 1 CCITTFaxDecode and 2 DCTDecode streams, aka "Infinite CPU spins."...
DEBIAN-CVE-2005-3625
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service infinite loop via streams that end prematurely, as demonstrated using the 1 CCITTFaxDecode and 2 DCTDecode streams, aka "Infinite CPU spins."...
security flaw
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service infinite loop via streams that end prematurely, as demonstrated using the 1 CCITTFaxDecode and 2 DCTDecode streams, aka "Infinite CPU spins."...
security flaw
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows...
zeroblogXSS.txt
Software: ZeroBlog Vendor: http://www.sothq.net Version: 1.2a , 1.1f Bug: XSS Exploitation: Remote --------------------------- Introduction: Zeroblog: Feature ritch weblog, d-board, live webcam option, and requires 3th party software, calendar, poll system, photogallery, smileys, search engine, 8...
security flaw
The bgpupdateprint function in tcpdump 3.x does not properly handle a -1 return value from the decodeprefix4 function, which allows remote attackers to cause a denial of service infinite loop via a crafted BGP packet...