CVE-2007-2651

Multiple off-by-one errors in VooDoo cIRCle before 1.1.beta27 allow remote attackers to cause a denial of service connection loss or possibly execute arbitrary code via a 1 DNS name response of the exact length as a buffer; or a long 2 channel name, 3 partyline channel name, or unspecified vector...

Microsoft Internet Explorer HTML Objects Script Errors Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. This vulnerability is related to how the browser handles script errors in certain situations. An attacker could exploit this issue to execute arbitrary code in the context of the user running the affected...

Microsoft Internet Explorer HTML Objects Script Errors Variant Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. This vulnerability is related to how the browser handles script errors in certain situations. An attacker could exploit this issue to execute arbitrary code in the context of the user running the affected...

Moderate: Red Hat Security Advisory: gcc security and bug fix update

Updated gcc packages that fix a security issue and various bugs are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The gcc packages include C, C++, Java, Fortran 77, Objective C, and Ada 95 GNU compilers and related support...

McAfee ePolicy Orchestrator SiteManager ActiveX Multiple Buffer Overflows (CVE-2007-1498)

Multiple vulnerabilities exist in the McAfee ePolicy Orchestrator ePO, and the Protection Pilot products. McAfee ePolicy Orchestrator is a central management system to enforce and monitor system security. A remote attacker could exploit this issue by convincing a user to visit a specially crafted...

Code injection

Unspecified vulnerability in Mozilla Firefox allows remote attackers to execute arbitrary code via unspecified vectors involving Javascript errors. NOTE: this might be the same issue as CVE-2007-2175...

CVE-2007-2176

Unspecified vulnerability in Mozilla Firefox allows remote attackers to execute arbitrary code via unspecified vectors involving Javascript errors. NOTE: this might be the same issue as CVE-2007-2175...

CVE-2007-2176

CVE-2007-2176 affects Mozilla Firefox with an unspecified vulnerability involving Javascript errors that allows remote code execution. The NVD entry reports a CVSS v2 base score of 10.0 (High) with network attack vector and near-total impact (Confidentiality, Integrity, Availability). The descrip...

Gallery 1.2.5 (GALLERY_BASEDIR) Multiple RFI Vulnerabilities

Exploit for unknown platform in category web applications ============================================================ Gallery 1.2.5 GALLERYBASEDIR Multiple RFI Vulnerabilities ============================================================ Gallery 1.2.5 = Remote File Include Vulnerablites...

CVE-2007-1884

Multiple integer signedness errors in the printf function family in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 on 64 bit machines allow context-dependent attackers to execute arbitrary code via 1 certain negative argument numbers that arise in the phpformattedprint function because of 64 to 32 bit...

CVE-2007-1884

Multiple integer signedness errors in the printf function family in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 on 64 bit machines allow context-dependent attackers to execute arbitrary code via 1 certain negative argument numbers that arise in the phpformattedprint function because of 64 to 32 bit...

Integer overflow

Multiple integer signedness errors in the printf function family in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 on 64 bit machines allow context-dependent attackers to execute arbitrary code via 1 certain negative argument numbers that arise in the phpformattedprint function because of 64 to 32 bit...

CVE-2007-1884

CVE-2007-1884 affects PHP 4.x before 4.4.5 and PHP 5.x before 5.2.1 on 64‑bit platforms. The vulnerability arises from integer signedness errors in the printf family, allowing context-dependent attackers to execute arbitrary code via (1) certain negative argument numbers from 64→32 bit truncation...

CVE-2007-1884

Multiple integer signedness errors in the printf function family in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 on 64 bit machines allow context-dependent attackers to execute arbitrary code via 1 certain negative argument numbers that arise in the phpformattedprint function because of 64 to 32 bit...

advisory-481.txt

KAPDA New advisory Vendor: http://www.flexbb.net Vulnerable Version: 1.0.0 10005 Beta Release 1 Bug: SQL Injection Exploitation: Remote with browser Description: -------------------- Flexbb is a freely available PHP-based message board program that uses a MySQL database. Vulnerability:...

CVE-2007-1578

Multiple integer signedness errors in the NTLM implementation in Atrium MERCUR IMAPD mcrimap4.exe 5.00.14, with SP4, allow remote attackers to execute arbitrary code via a long NTLMSSP argument that triggers a stack-based buffer overflow...

CVE-2007-1578

Multiple integer signedness errors in the NTLM implementation in Atrium MERCUR IMAPD mcrimap4.exe 5.00.14, with SP4, allow remote attackers to execute arbitrary code via a long NTLMSSP argument that triggers a stack-based buffer overflow...

CVE-2007-1578

CVE-2007-1578 : MERCUR IMAPD (Atrium MERCUR Messaging Server) is affected by multiple NTLMSSP-related memory corruption issues in the IMAP service’s NTLMSSP handling. The flaw is described as a stack-based buffer overflow triggered by a long NTLMSSP argument, allowing remote attackers to execute ...

wagora-multi.txt

vendor website: http://www.w-agora.com/ bug: multiples file upload,xss,full path disclosure,error sql global risk: critical file upload : there's actually 2 ways to upload a file on w-agora : 1on the forum you can post some attached file with your message and you can upload any kind of file then...

LIBFtp 5.0 (sprintf(), strcpy()) Multiple local buffer overflow

http://www.netsw.org/net/ip/filetrans/ftp/libftp/ Description the library has a multiple sprintf, strcpy buffer overflow in various functions. Source errors fvuln = FtpArchie FtpDebugDebug FtpOpenDir FtpSize the FtpString is a typedef of an array with 256bytes: FtpLibrary.h: typedef char...