7707 matches found
[ZH2004-19SA] Possible execution of remote shell commands in Opera with kfmclien
Author: Giovanni Delvecchio e-mail: [email protected] Original Advisory: http://www.zone-h.org/advisories/read/id=6503 Tested version: Opera 7.54 linux version with Kde 3.2.3 Problem: ======= Opera for linux uses "kfmclient exec" as "Default Application" to handle saved files. This could be...
CVE-2004-1087
Terminal for Apple Mac OS X 10.3.6 may indicate that "Secure Keyboard Entry" is enabled even when it is not, which could result in a false sense of security for the user...
Winamp <= 5.06 IN_CDDA.dll Remote Buffer Overflow Exploit
Exploit for unknown platform in category remote exploits ========================================================= Winamp //File ops. //m3u File format //http://hanna.pyxidis.org/tech/m3u.html // Host info: // Name=ntdll system // File version=5.1.2600.1217 xpsp2.030429-213 //...
Multiple Browsers - Tabbed Browsing
Multiple Browsers - Tabbed Browsing Test Your Browser Open the link below in a new tab, then try to type data into form fields on the CitiBank website. Open this Link in New Tab Result: Keystrokes you pressed on the CitiBank website. /textarea // milw0rm.com 2004-10-22...
CVE-2002-1384
Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf...
CVS < 1.11.16 / 1.12.8 pserver Line Entry Handling Remote Overflow
Binary data 1220.prm...
FreeBSD : Mutiple browser frame injection vulnerability (83) (deprecated)
The remote host is missing an update to the system The following package is affected: firefox This plugin has been deprecated since the advisory has been canceled. %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the VuXML entry has been cancelled. Disabled on 2015/11/30. C...
DEBIAN-CVE-2004-0414
CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service crash, modification of critical program data, or arbitrary code execution...
DEBIAN-CVE-2004-0548
Multiple stack-based buffer overflows in the word-list-compress functionality in compress.c for Aspell allow local users to execute arbitrary code via a long entry in the wordlist that is not properly handled when using the 1 "c" compress option or 2 "d" decompress option...
Verylost LostBook 1.1 - Message Entry HTML Injection
source: https://www.securityfocus.com/bid/10825/info Reportedly Verylost lostBook is affected by an HTML injection vulnerability in its message entry functionality. This issue is due to a failure of the application to properly validate and sanitize user-supplied input before including it in...
Fedora Core 1 : cvs-1.11.17-1 (2004-169)
While investigating a previously fixed vulnerability, Derek Price discovered a flaw relating to malformed 'Entry' lines which lead to a missing NULL terminator. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the name CVE-2004-0414 to this issue. Stefan Esser and...
RHEL 2.1 / 3 : cvs (RHSA-2004:190)
An updated cvs package that fixes a server vulnerability that could be exploited by a malicious client is now available. CVS is a version control system frequently used to manage source code repositories. Stefan Esser discovered a flaw in cvs where malformed 'Entry' lines could cause a heap...
[Full-Disclosure] Lotus Notes URL argument injection vulnerability
OVERVIEW ======== Lotus Notes is a groupware/e-mail system developed by Lotus Software. Due to its security and collaboration features it's used particularly by large organizations, government agencies, etc. IBM estimates it is used by 60 million people. During the client-side Windows installatio...
CVS Remote Entry Line Heap Overflow Root Exploit (Linux/FreeBSD)
Exploit for multiple platform in category remote exploits ================================================================ CVS Remote Entry Line Heap Overflow Root Exploit Linux/FreeBSD ================================================================ include include include include include includ...
CVS (LinuxFreeBSD) - Remote Entry Line Heap Overflow
CVS LinuxFreeBSD - Remote Entry Line Heap Overflow include include include include include include include include include include include include include include typedef unsigned char uchar; void progressvoid; int brutecvsrootvoid; int bruteusernamevoid; int brutepasswordvoid; void hdlcrashedint...
CVS Remote Entry Line Root Heap Overflow Exploit
Exploit for solaris platform in category remote exploits ================================================ CVS Remote Entry Line Root Heap Overflow Exploit ================================================ include include include include include include include include include include include inclu...
CVS - Remote Entry Line Root Heap Overflow
include include include include include include include include include include include include include include define CVSPORT 2401 define RET 0xffbffd20 define NOP 0x82102017 define ROUNDs if s % wordsize s += wordsize - s % wordsize unsigned char root; unsigned char user; unsigned char pass;...
DEBIAN-CVE-2004-0396
Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines...
security flaw
CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service crash, modification of critical program data, or arbitrary code execution...
Critical: Red Hat Security Advisory: cvs security update
An updated cvs package that fixes several server vulnerabilities, which could be exploited by a malicious client, is now available. CVS is a version control system frequently used to manage source code repositories. While investigating a previously fixed vulnerability, Derek Price discovered a fl...