2297 matches found
CVE-2007-4730
Buffer overflow in the compNewPixmap function in compalloc.c in the Composite extension for the X.org X11 server before 1.4 allows local users to execute arbitrary code by copying data from a large pixel depth pixmap into a smaller pixel depth pixmap...
Cross site scripting
Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Firefox installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a 1 FirefoxURL or 2 FirefoxHTM...
Symantec Veritas NetBackup bpcd.exe CONNECT_OPTIONS buffer overflow
Overview Symantec Veritas NetBackup contains a buffer overflow vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Symantec VERITAS NetBackup is a client/server based backup software solution. The NetBackup bpcd daemon is...
Setuid() - nproc limit the type of vulnerability of in-depth analysis-vulnerability warning-the black bar safety net
Setuid - nproc limit the type of vulnerability of in-depth analysis PST --------- Subject : Setuid - nproc limit the type of vulnerability of in-depth analysis --------- Author : [email protected] --------- Copyright : www.ph4nt0m.org www.secwiki.com --------- Date : 07/20/2006 ---------...
Dia multiple buffer overflows
Multiple buffer overflows in the xfig import code xfig-import.c in Dia 0.87 and later before 0.95-pre6 allow user-assisted attackers to have an unknown impact via a crafted xfig file, possibly involving an invalid 1 color index, 2 number of points, or 3 depth...
Buffer overflow
Multiple buffer overflows in the xfig import code xfig-import.c in Dia 0.87 and later before 0.95-pre6 allow user-assisted attackers to have an unknown impact via a crafted xfig file, possibly involving an invalid 1 color index, 2 number of points, or 3 depth...
CVE-2006-1550
Multiple buffer overflows in the xfig import code xfig-import.c in Dia 0.87 and later before 0.95-pre6 allow user-assisted attackers to have an unknown impact via a crafted xfig file, possibly involving an invalid 1 color index, 2 number of points, or 3 depth...
DEBIAN-CVE-2006-1550
Multiple buffer overflows in the xfig import code xfig-import.c in Dia 0.87 and later before 0.95-pre6 allow user-assisted attackers to have an unknown impact via a crafted xfig file, possibly involving an invalid 1 color index, 2 number of points, or 3 depth...
CVE-2006-1550
Multiple buffer overflows in the xfig import code xfig-import.c in Dia 0.87 and later before 0.95-pre6 allow user-assisted attackers to have an unknown impact via a crafted xfig file, possibly involving an invalid 1 color index, 2 number of points, or 3 depth...
CVE-2005-1952
CVE-2005-1952 affects Pico Server (pServ) 3.3. A directory traversal flaw allows remote attackers to read arbitrary files and, via a crafted URL containing /./ before each .. sequence, potentially execute arbitrary commands due to an incorrect directory depth count. Exploitation details are not p...
Sendmail 8.11.x Exploit (i386-Linux)
Exploit for linux platform in category local exploits ==================================== Sendmail 8.11.x Exploit i386-Linux ==================================== / sendmail 8.11.x exploit i386-Linux by email protected email protected This code exploits well-known local-root bug in sendmail 8.11....
Sendmail 8.11.x (Linux/i386) - Local Privilege Escalation
/ sendmail 8.11.x exploit i386-Linux by [email protected] sd@ircnet This code exploits well-known local-root bug in sendmail 8.11.x, 8.12.x may be vulnerable too, but I didn't test it. It gives instant root shell with +s sendmail 8.11.x, x 6 We're using objdump, gdb & grep in order to obtain VECT, so make...
Атаки через tmpwatch
При удалении каталога tmpwatch запускает отдельный процесс на каждый уровень вложенности. Это позволяет вызвать остановку системы, создав временную директорию с большим уровенм вложенности. Кроме того, при вызове внешнего приложения не проверяются shell-символы в имени файла...
nt4+sp4.filename.length.txt
Bug in WinNT 4.0 SP4 Alvaro Gilabert [email protected] Mon, 19 Apr 1999 15:15:36 +-200 Hi, I supose it is a bug and I will explain why do I think so You can exceed the limit in the number of chars allowed in a filename. WinNT does allow it. You can move a folder to a deeper one exceeding it. But,...
MS07-047: Vulnerability in Windows Media Player could allow remote code execution
None None...
Microsoft Security Advisory 3045755: Update to improve PKU2U authentication
None None...
Security Update For Exchange Server 2013 CU22 (KB4503028)
This update for Microsoft Exchange Server provides enhanced security as a defense in depth measure...