Lucene search

2665 matches found

NVD
added 2006/10/17 9:7 p.m., 33 views

CVE-2006-5327

Untrusted search path vulnerability in OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earlier and possibly other products, allows local users to execute arbitrary code via a modified PATH that references a malicious gzip program, which is executed by gnutar with certain...

CVSS 7.2 | AI score 7.2 | EPSS 0.00569
Exploits: 1 | References: 12
Tenable Nessus
added 2006/10/14 12:0 a.m., 23 views

Debian DSA-1075-1 : awstats - programming error

Hendrik Weimer discovered that awstats can execute arbitrary commands under the user id the web-server runs when users are allowed to supply arbitrary configuration files. Even though, this bug was referenced in DSA 1058 accidentally, it was not fixed yet. The new default behaviour is not to acce...

CVSS 4 | AI score 5.8 | EPSS 0.02712
Exploits: 0 | References: 3
securityvulns
added 2006/10/12 12:0 a.m., 36 views

Sun Solaris NSPR library privilege escalation

Environment variable is used for log filename...

AI score 3.8
Exploits: 0 | References: 1 | Affected Software: 1
Tenable Nessus
added 2006/09/16 12:0 a.m., 10 views

AIX 5.1 : IY27322

The remote host is missing AIX Critical Security Patch number IY27322 SECURITY: Environment variable name string too short.. You should install this patch for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0;...

AI score 5.5
Exploits: 0
Exploit DB
added 2006/09/13 12:0 a.m., 54 views

X11R6 < 6.4 XKEYBOARD (Solaris/SPARC) - Local Buffer Overflow (2)

/ $Id: raptorxkb.c,v 1.1 2006/09/13 16:18:36 raptor Exp $ raptorxkb.c - XKEYBOARD Strcmp, Solaris/SPARC 8/9/10 Copyright c 2006 Marco Ivaldi Buffer overflow in the Strcmp function in the XKEYBOARD extension in X Window System X11R6.4 and earlier, as used in SCO UnixWare 7.1.3 and Sun Solaris 8...

CVSS 4.6 | AI score 6.8 | EPSS 0.00874
Exploits: 3
Exploit DB
added 2006/09/08 12:0 a.m., 36 views

X11R6 < 6.4 XKEYBOARD (Solaris/SPARC) - Local Buffer Overflow (1)

/ X11R6 XKEYBOARD extension Strcmp for Sun Solaris 8 9 10 SPARC Copyright 2006 RISE Security , Ramon de Carvalho Valle This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either...

AI score 7.4
Exploits: 0
UbuntuCve
added 2006/08/14 11:4 p.m., 37 views

CVE-2006-4124

The libXm library in LessTif 0.95.0 and earlier allows local users to gain privileges via the DEBUGFILE environment variable, which is used to create world-writable files when libXm is run from a setuid program...

CVSS 4.6 | AI score 5.9 | EPSS 0.00449
Exploits: 1 | References: 1
NVD
added 2006/08/14 11:4 p.m., 22 views

CVE-2006-4124

The libXm library in LessTif 0.95.0 and earlier allows local users to gain privileges via the DEBUGFILE environment variable, which is used to create world-writable files when libXm is run from a setuid program...

CVSS 4.6 | AI score 6.5 | EPSS 0.00449
Exploits: 1 | References: 6
Cvelist
added 2006/08/14 11:0 p.m., 26 views

CVE-2006-4124

The libXm library in LessTif 0.95.0 and earlier allows local users to gain privileges via the DEBUGFILE environment variable, which is used to create world-writable files when libXm is run from a setuid program...

AI score 6.5 | EPSS 0.00449
Exploits: 1 | References: 6
CVE
added 2006/08/14 11:0 p.m., 49 views

CVE-2006-4124

The CVE-2006-4124 issue affects the libXm library in LessTif

CVSS 4.6 | AI score 6.5 | EPSS 0.00449
Exploits: 1 | References: 6 | Affected Software: 1
NVD
added 2006/08/08 10:4 p.m., 24 views

CVE-2006-3862

Buffer overflow in IBM Informix Dynamic Server IDS 9.40.TC5 through 9.40.xC7 and 10.00.TC1 through 10.00.xC3 allows attackers to execute arbitrary code via the SQLIDEBUG environment variable envariable...

CVSS 7.5 | AI score 7.6 | EPSS 0.03462
Exploits: 0 | References: 9
Cvelist
added 2006/08/08 10:0 p.m., 26 views

CVE-2006-3862

Buffer overflow in IBM Informix Dynamic Server IDS 9.40.TC5 through 9.40.xC7 and 10.00.TC1 through 10.00.xC3 allows attackers to execute arbitrary code via the SQLIDEBUG environment variable envariable...

AI score 7.6 | EPSS 0.03462
Exploits: 0 | References: 9
Exploit DB
added 2006/07/26 12:0 a.m., 39 views

Solaris 8/9 ps - Environment Variable Information leak

Solaris 8/9 ps - Environment Variable Information leak. CVE-1999-1587. Local exploit for Solaris platform !/bin/sh $Id: raptorucbps,v 1.1 2006/07/26 12:15:42 raptor Exp $ raptorucbps - information leak with Solaris /usr/ucb/ps Copyright c 2006 Marco Ivaldi A security vulnerability in the...

CVSS 2.1 | AI score 6.5 | EPSS 0.00945
Exploits: 3
OSV
added 2006/07/25 11:4 p.m., 2 views

DEBIAN-CVE-2006-3848

Cross-site scripting XSS vulnerability in CGI wrapper for IP Calculator IPCalc 0.40 allows remote attackers to inject arbitrary web script or HTML via the URI REQUESTURI environment variable, which is used in the actionurl variable...

CVSS 2.6 | AI score 6 | EPSS 0.01672
Exploits: 0 | References: 1
NVD
added 2006/06/22 10:6 p.m., 16 views

CVE-2006-3159

pipemaster in Sun ONE/iPlanet Messaging Server 5.2 HotFix 1.16 built May 14 2003 allows local users to read portions of restricted files via a symlink attack on msg.conf in a directory identified by the CONFIGROOT environment variable, which returns the first line of the file in an error message...

CVSS 2.1 | AI score 6.1 | EPSS 0.00343
Exploits: 0 | References: 8
Cvelist
added 2006/06/22 10:0 p.m., 17 views

CVE-2006-3159

pipemaster in Sun ONE/iPlanet Messaging Server 5.2 HotFix 1.16 built May 14 2003 allows local users to read portions of restricted files via a symlink attack on msg.conf in a directory identified by the CONFIGROOT environment variable, which returns the first line of the file in an error message...

AI score 6.1 | EPSS 0.00343
Exploits: 0 | References: 8
OSV
added 2006/05/26 12:0 a.m., 35 views

DSA-1075-1 awstats - programming error

Bulletin has no description...

CVSS 4 | AI score 6.2 | EPSS 0.04827
Exploits: 0
Prion
added 2006/05/23 10:6 a.m., 11 views

Design/Logic Flaw

Unspecified vulnerability in the sapdba command in SAP with Informix before 700, and 700 up to patch 100, allows local users to execute arbitrary commands via unknown vectors related to "insecure environment variable" handling...

CVSS 10 | AI score 7.7 | EPSS 0.03369
Exploits: 0 | References: 9
NVD
added 2006/05/23 10:6 a.m., 22 views

CVE-2006-2547

Unspecified vulnerability in the sapdba command in SAP with Informix before 700, and 700 up to patch 100, allows local users to execute arbitrary commands via unknown vectors related to "insecure environment variable" handling...

CVSS 10 | AI score 7.2 | EPSS 0.03369
Exploits: 0 | References: 9
Cvelist
added 2006/05/23 10:0 a.m., 23 views

CVE-2006-2547

Unspecified vulnerability in the sapdba command in SAP with Informix before 700, and 700 up to patch 100, allows local users to execute arbitrary commands via unknown vectors related to "insecure environment variable" handling...

AI score 7.2 | EPSS 0.03369
Exploits: 0 | References: 9